Slackware 9.0 : mod_ssl RSA blinding fixes (SSA:2003-141-05)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.

Synopsis :

The remote Slackware host is missing a security update.

Description :

An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.
This version provides RSA blinding by default which prevents an
extended timing analysis from revealing details of the secret key to
an attacker. Note that this problem was already fixed within OpenSSL,
so this is a 'double fix'. With this package, mod_ssl is secured even
if OpenSSL is not. We recommend sites using mod_ssl upgrade to this
new package.

See also :

Solution :

Update the affected mod_ssl package.

Risk factor :


Family: Slackware Local Security Checks

Nessus Plugin ID: 18715 ()

Bugtraq ID: