VMware Security Advisory 2010-0019 - ESX 3.x Console OS (COS) updates for samba, bzip2, and openssl packages.
77bea71347b06ea7767dc27e922cab06HP Security Bulletin - Potential security vulnerabilities have been identified with HP SSL for OpenVMS. The vulnerabilities could be remotely exploited resulting in unauthorized data injection or a Denial of Service (DoS).
b134d55a57e80dbade7837d63cb7577cVMware Security Advisory - Updates have been issues for ESX Service Console newt, nfs-utils, and glib2 packages. vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages have also been issued.
e7771d8406b79f65ee870397e15c5e8aHP Security Bulletin - Potential security vulnerabilities have been identified with Insight Control Suite For Linux (ICE-LX). The vulnerabilities could be remotely exploited to allow Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS) and other vulnerabilities.
7f6aba6173004898da5e77439760241cHP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and bypass security restrictions.
e63ec8ee2f58d8bc94333dc6f8b82168FreeBSD Security Advisory - The function ASN1_STRING_print_ex does not properly validate the lengths of BMPString or UniversalString objects before attempting to print them. An application which attempts to print a BMPString or UniversalString which has an invalid length will crash as a result of OpenSSL accessing invalid memory locations. This could be used by an attacker to crash a remote application.
e6bd0ea3c6d179e78026ab0043d0058dGentoo Linux Security Advisory GLSA 200904-08 - An error in OpenSSL might allow for a Denial of Service when printing certificate details. The ASN1_STRING_print_ex() function does not properly check the provided length of a BMPString or UniversalString, leading to an invalid memory access. Versions less than 0.9.8k are affected.
20655fdd6154756aab4a68471a6e62f8Debian Security Advisory 1763-1 - It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate.
501f984e2b5acc4da34911e21c92a321Mandriva Linux Security Advisory 2009-087 - A security vulnerability has been identified and fixed in OpenSSL, which could crash applications using OpenSSL library when parsing malformed certificates. The updated packages have been patched to prevent this.
c1f33c835cd710b76093ab3bf7c2aae9Ubuntu Security Notice USN-750-1 - It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.
5acec8f6ecd3bb983443b5f6b7ad3237OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
e555c6d58d276aec7fdc53363e338ab3
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed