Slackware 9.0 : mod_ssl RSA blinding fixes (SSA:2003-141-05)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.
This version provides RSA blinding by default which prevents an
extended timing analysis from revealing details of the secret key to
an attacker. Note that this problem was already fixed within OpenSSL,
so this is a 'double fix'. With this package, mod_ssl is secured even
if OpenSSL is not. We recommend sites using mod_ssl upgrade to this
new package.

See also :

http://www.nessus.org/u?4ce4cb0b

Solution :

Update the affected mod_ssl package.

Risk factor :

High

Family: Slackware Local Security Checks

Nessus Plugin ID: 18715 ()

Bugtraq ID:

CVE ID: