VMware Security Advisory 2012-0013 - VMware has updated several third party libraries in vSphere and vcOps to address multiple security vulnerabilities.
ab37b6926b046653acdeeef66e7c85ba
HP Security Bulletin HPSBMU02764 SSRT100827 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 2 of this advisory.
309e442bfe4de81d1da4a903beb9bb3ce130e05b0ec3c99ada2e50debacf94af
HP Security Bulletin HPSBMU02764 SSRT100827 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 1 of this advisory.
ef4dc6d5c693e4d1488186aa6471a0d6ae5ab0b725cd9a055f4101f928dcf379
SUSE Security Announcement - This is the SUSE-SU-403 Forbidden-1 security update for OpenSSL. This update improves the ClientHello handshake message parsing function. Prior to this update is was possible that this function reads beyond the end of a message leading to invalid memory access and a crash. Under some circumstances it was possible that information from the OCSP extensions was disclosed.
50c52c2e0fdd8eb6b1d4dd0b903981e171646d9fea43adee0e5936425186a5bb
HP Security Bulletin HPSBUX02689 SSRT100494 2 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
410d172768a0ba4e161eff00917672425a62136388aa62870dd61928f6ac75a7
HP Security Bulletin HPSBUX02689 SSRT100494 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
ac6455fc493f252273e71ee00d03a7f14a58e2dc3d082995453570d215bd7358
HP Security Bulletin HPSBOV02670 SSRT100475 - Potential vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses. Revision 1 of this advisory.
1580382bbf55fde0f91e439f0d90c3aff5767f568e5cc0fa24c41bb05a7b36a4
Ubuntu Security Notice 1064-1 - Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses.
0363a4620aad3ba274e0d561fa4343dcb277629a86069b3850aa4b9eed29fc1c
Mandriva Linux Security Advisory 2011-028 - Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension.
2b7b0d41ceaac24980fc028cbc657ac4083b57ea934c5280858484dfc8348854
Debian Linux Security Advisory 2162-1 - Neel Mehta discovered that an incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension.
85bafee235722d8c60461177c2d6712b574cd4b5ea8e903eae3e2d9a139f0ed8
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
92511d1f0caaa298dba250426f8e7d5d00b271847886d1adc62422778d6320db
OpenSSL Security Advisory 20110208 - Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message.
3db6ab2a088940be9ca5f4911b7eb0e19ae17309a7ff07ca88cd66bf66a8ee51