The version of OpenSSL installed on the remote AIX host is affected by multiple vulnerabilities :

  - A NULL pointer dereference flaw exists in file     rsa_ameth.c when handling ASN.1 signatures that use the     RSA PSS algorithm but are missing a mask generation     function parameter. A remote attacker can exploit this     to cause the signature verification routine to crash,     leading to a denial of service. (CVE-2015-3194)

  - A flaw exists in the ASN1_TFLG_COMBINE implementation in     file tasn_dec.c related to handling malformed     X509_ATTRIBUTE structures. A remote attacker can exploit     this to cause a memory leak by triggering a decoding     failure in a PKCS#7 or CMS application, resulting in a     denial of service. (CVE-2015-3195)

  - A race condition exists in s3_clnt.c that is triggered     when PSK identity hints are incorrectly updated in the     parent SSL_CTX structure when they are received by a     multi-threaded client. A remote attacker can exploit     this, via a crafted ServerKeyExchange message, to cause     a double-free memory error, resulting in a denial of     service. (CVE-2015-3196)

The Cisco AnyConnect Secure Mobility Client installed on the remote host is a version prior to 3.1.13015.0 or 4.2.x prior to 4.2.1035.0.
It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL :
  - A carry propagating flaw exists in the x86_64 Montgomery     squaring implementation that may cause the BN_mod_exp()     function to produce incorrect results. An attacker can     exploit this to obtain sensitive information regarding     private keys. (CVE-2015-3193)

  - A NULL pointer dereference flaw exists in file     rsa_ameth.c when handling ASN.1 signatures that use the     RSA PSS algorithm but are missing a mask generation     function parameter. A remote attacker can exploit this     to cause the signature verification routine to crash,     leading to a denial of service. (CVE-2015-3194)

  - A flaw exists in the ASN1_TFLG_COMBINE implementation in     file tasn_dec.c related to handling malformed     X509_ATTRIBUTE structures. A remote attacker can exploit     this to cause a memory leak by triggering a decoding     failure in a PKCS#7 or CMS application, resulting in a     denial of service. (CVE-2015-3195)

  - A race condition exists in s3_clnt.c that is triggered     when PSK identity hints are incorrectly updated in the     parent SSL_CTX structure when they are received by a     multi-threaded client. A remote attacker can exploit     this, via a crafted ServerKeyExchange message, to cause     a double-free memory error, resulting in a denial of     service. (CVE-2015-3196)

  - A flaw exists in the ssl3_get_key_exchange() function     in file s3_clnt.c when handling a ServerKeyExchange     message for an anonymous DH ciphersuite with the value     of 'p' set to 0. A attacker can exploit this, by causing     a segmentation fault, to crash an application linked     against the library, resulting in a denial of service.
    (CVE-2015-1794)

New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

This update for compat-openssl098 fixes the following issues :

Security issue fixed :

  - CVE-2015-3195: When presented with a malformed     X509_ATTRIBUTE structure OpenSSL would leak memory. This     structure is used by the PKCS#7 and CMS routines so any     application which reads PKCS#7 or CMS data from     untrusted sources is affected. SSL/TLS is not affected.
    (bsc#957812)

Non security issue fixed :

  - Prevent segfault in s_client with invalid options     (bsc#952099)

This update was imported from the SUSE:SLE-12:Update update project.

This update for compat-openssl098 fixes the following issues :

Security issue fixed:;

  - CVE-2015-3195: When presented with a malformed     X509_ATTRIBUTE structure OpenSSL would leak memory. This     structure is used by the PKCS#7 and CMS routines so any     application which reads PKCS#7 or CMS data from     untrusted sources is affected. SSL/TLS is not affected.
    (bsc#957812)

Non security issue fixed :

  - Prevent segfault in s_client with invalid options     (bsc#952099)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is running a version of Mac OS X version 10.11.x prior to 10.11.4 and is affected by multiple vulnerabilities in the following components :

 - apache_mod_php
 - AppleRAID
 - AppleUSBNetworking
 - Bluetooth
 - Carbon
 - dyld
 - FontParser
 - HTTPProtocol
 - Intel Graphics Driver
 - IOFireWireFamily
 - IOGraphics
 - IOHIDFamily
 - IOUSBFamily
 - Kernel
 - libxml2
 - Messages
 - NVIDIA Graphics Drivers
 - OpenSSH
 - OpenSSL
 - Python
 - QuickTime
 - Reminders
 - Ruby
 - Security
 - Tcl
 - TrueTypeScaler
 - Wi-Fi

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

The version of MySQL installed on the remote host is 5.5.x prior to 5.5.48, 5.6.x prior to 5.6.29, or 5.7.x prior to 5.7.11, and is affected by vulnerabilities in the following components :

 - Data Manipulation Language
 - Data Definition Language
 - Full-Text Search
 - MyISAM
 - PeopleSoft
 - Performance Schema
 - Pluggable Authentication
 - Replication
 - Server Connection
 - Server:Security
 - Server:InnoDB
 - Server:Optimizer
 - Server:Options


ID	Name	Product	Family	Published	Updated	Severity
88085	AIX OpenSSL Advisory : openssl_advisory15.asc	Nessus	AIX Local Security Checks	1/22/2016	4/21/2023	medium
88100	Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities	Nessus	Windows	1/22/2016	7/6/2018	medium
87378	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-349-04)	Nessus	Slackware Local Security Checks	12/16/2015	1/14/2021	high
87619	openSUSE Security Update : compat-openssl098 (openSUSE-2015-940)	Nessus	SuSE Local Security Checks	12/29/2015	1/19/2021	medium
87654	SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2015:2342-1)	Nessus	SuSE Local Security Checks	12/29/2015	1/6/2021	medium
9327	Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	5/27/2016	3/6/2019	critical
9259	Oracle MySQL 5.5.x < 5.5.48 / 5.6.x < 5.6.29 / 5.7.x < 5.7.11 Multiple Vulnerabilities	Nessus Network Monitor	Database	4/18/2016	3/6/2019	medium

Detections

Analytics

Plugins Search

medium

medium

high

medium

medium

critical

medium