Slackware 9.0 : mod_ssl RSA blinding fixes (SSA:2003-141-05)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.
This version provides RSA blinding by default which prevents an
extended timing analysis from revealing details of the secret key to
an attacker. Note that this problem was already fixed within OpenSSL,
so this is a 'double fix'. With this package, mod_ssl is secured even
if OpenSSL is not. We recommend sites using mod_ssl upgrade to this
new package.

See also :

http://www.nessus.org/u?4ce4cb0b

Solution :

Update the affected mod_ssl package.

Risk factor :

High

Family: Slackware Local Security Checks

Nessus Plugin ID: 18715 ()

Bugtraq ID:

CVE ID:

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial