Detections
Analytics
SuSE 11 / 11.1 Security Update : OpenSSL (SAT Patch Numbers 3208 / 3209)
medium Nessus Plugin ID 50938
Language:
Synopsis
The remote SuSE 11 host is missing one or more security updates.Description
Specially crafted responses from SSL servers could cause a double-free bug in openssl's client implementation. Malicious servers could exploit that to crash programs use openssl for the SSL connection (CVE-2010-2939). This has been fixed.Solution
Apply SAT patch number 3208 / 3209 as appropriate.See Also
https://bugzilla.novell.com/show_bug.cgi?id=608666
Plugin Details
Severity: Medium
ID: 50938
File Name: suse_11_libopenssl-devel-100927.nasl
Version: 1.9
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/2/2010
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.2
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8, p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit, p-cpe:/a:novell:suse_linux:11:openssl, p-cpe:/a:novell:suse_linux:11:openssl-doc, cpe:/o:novell:suse_linux:11
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 9/27/2010
Reference Information
CVE: CVE-2010-2939