Detections
Analytics

Fedora Core 3 : openssl-0.9.7a-42.2 / openssl096b-0.9.6b-21.2 (2005-985)

high Nessus Plugin ID 20022

Synopsis

The remote Fedora Core host is missing one or more security updates.

Description

The remote Fedora Core host is missing one or more security updates :

openssl-0.9.7a-42.2 :

 - Tue Oct 11 2005 Tomas Mraz <tmraz at redhat.com> 0.9.7a-42.2

 - fix CVE-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which disables the countermeasure against man in the middle attack in SSLv2 (#169863)

 - more fixes for constant time/memory access for DSA signature algorithm

 - updated ICA engine patch

 - install ca-bundle.crt as a config file

openssl096b-0.9.6b-21.2 :

 - Thu Oct 6 2005 Tomas Mraz <tmraz at redhat.com> 0.9.6b-21.2

 - fix CVE-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which disables the countermeasure against man in the middle attack in SSLv2 (#169863)

 - more fixes for constant time/memory access for DSA signature algorithm

 - replaced add-luna patch with new one with right license (#158061)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?479959b3

http://www.nessus.org/u?6f2bf690

Plugin Details

Severity: High

ID: 20022

File Name: fedora_2005-985.nasl

Version: 1.16

Type: local

Agent: unix

Published: 10/19/2005

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:openssl, p-cpe:/a:fedoraproject:fedora:openssl-debuginfo, p-cpe:/a:fedoraproject:fedora:openssl-devel, p-cpe:/a:fedoraproject:fedora:openssl-perl, p-cpe:/a:fedoraproject:fedora:openssl096b, p-cpe:/a:fedoraproject:fedora:openssl096b-debuginfo, cpe:/o:fedoraproject:fedora_core:3

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 10/13/2005

Reference Information

FEDORA: 2005-985