CVE-2010-5298

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.

References

http://advisories.mageia.org/MGASA-2014-0187.html

http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

http://marc.info/?l=bugtraq&m=140389274407904&w=2

http://marc.info/?l=bugtraq&m=140389355508263&w=2

http://marc.info/?l=bugtraq&m=140431828824371&w=2

http://marc.info/?l=bugtraq&m=140448122410568&w=2

http://marc.info/?l=bugtraq&m=140544599631400&w=2

http://marc.info/?l=bugtraq&m=140621259019789&w=2

http://marc.info/?l=bugtraq&m=140752315422991&w=2

http://marc.info/?l=bugtraq&m=140904544427729&w=2

http://marc.info/?l=bugtraq&m=141658880509699&w=2

http://openwall.com/lists/oss-security/2014/04/13/1

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/58337

http://secunia.com/advisories/58713

http://secunia.com/advisories/58939

http://secunia.com/advisories/58977

http://secunia.com/advisories/59162

http://secunia.com/advisories/59287

http://secunia.com/advisories/59300

http://secunia.com/advisories/59301

http://secunia.com/advisories/59342

http://secunia.com/advisories/59413

http://secunia.com/advisories/59437

http://secunia.com/advisories/59438

http://secunia.com/advisories/59440

http://secunia.com/advisories/59450

http://secunia.com/advisories/59490

http://secunia.com/advisories/59655

http://secunia.com/advisories/59666

http://secunia.com/advisories/59669

http://secunia.com/advisories/59721

http://security.gentoo.org/glsa/glsa-201407-05.xml

http://support.citrix.com/article/CTX140876

http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

http://www.blackberry.com/btsc/KB36051

http://www.fortiguard.com/advisory/FG-IR-14-018/

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

http://www.ibm.com/support/docview.wss?uid=swg21676356

http://www.ibm.com/support/docview.wss?uid=swg24037783

http://www.mandriva.com/security/advisories?name=MDVSA-2014:090

http://www.mandriva.com/security/advisories?name=MDVSA-2015:062

http://www.openbsd.org/errata55.html#004_openssl

http://www.openssl.org/news/secadv_20140605.txt

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/66801

http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse

http://www.vmware.com/security/advisories/VMSA-2014-0006.html

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

http://www-01.ibm.com/support/docview.wss?uid=swg21673137

http://www-01.ibm.com/support/docview.wss?uid=swg21676035

http://www-01.ibm.com/support/docview.wss?uid=swg21676062

http://www-01.ibm.com/support/docview.wss?uid=swg21676419

http://www-01.ibm.com/support/docview.wss?uid=swg21676529

http://www-01.ibm.com/support/docview.wss?uid=swg21676655

http://www-01.ibm.com/support/docview.wss?uid=swg21676879

http://www-01.ibm.com/support/docview.wss?uid=swg21676889

http://www-01.ibm.com/support/docview.wss?uid=swg21677527

http://www-01.ibm.com/support/docview.wss?uid=swg21677695

http://www-01.ibm.com/support/docview.wss?uid=swg21677828

http://www-01.ibm.com/support/docview.wss?uid=swg21677836

http://www-01.ibm.com/support/docview.wss?uid=swg21678167

http://www-01.ibm.com/support/docview.wss?uid=swg21683332

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

https://kb.bluecoat.com/index?page=content&id=SA80

https://kc.mcafee.com/corporate/index?page=content&id=SB10075

https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest

https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest

https://www.novell.com/support/kb/doc.php?id=7015271

Details

Source: MITRE

Published: 2014-04-14

Updated: 2018-10-10

Type: CWE-362

Risk Information

CVSS v2

Base Score: 4

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 4.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 1.0.1g (inclusive)

Tenable Plugins

View all (87 total)

IDNameProductFamilySeverity
129359MariaDB 10.0.0 < 10.0.13 Multiple VulnerabilitiesNessusDatabases
critical
125000EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1547)NessusHuawei Local Security Checks
medium
88991Cisco NX-OS OpenSSL Multiple VulnerabilitiesNessusCISCO
high
88989Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCup22487)NessusCISCO
medium
87678VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
83716SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1)NessusSuSE Local Security Checks
high
82315Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)NessusMandriva Local Security Checks
high
81649Apache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE)NessusWeb Servers
high
80915Oracle VM VirtualBox < 3.2.26 / 4.0.28 / 4.1.36 / 4.2.28 / 4.3.20 Multiple Vulnerabilities (January 2015 CPU)NessusWindows
medium
80720Oracle Solaris Third-Party Patch Update : openssl (cve_2010_5298_race_conditions)NessusSolaris Local Security Checks
high
80322Fedora 20 : mingw-openssl-1.0.1j-1.fc20 (2014-17587) (POODLE)NessusFedora Local Security Checks
medium
80319Fedora 21 : mingw-openssl-1.0.1j-1.fc21 (2014-17576) (POODLE)NessusFedora Local Security Checks
medium
79547OracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)NessusOracleVM Local Security Checks
high
79026RHEL 6 : Storage Server (RHSA-2014:0628)NessusRed Hat Local Security Checks
high
78292Amazon Linux AMI : openssl (ALAS-2014-349)NessusAmazon Linux Local Security Checks
high
78175F5 Networks BIG-IP : OpenSSL vulnerability (K15328)NessusF5 Networks Local Security Checks
medium
78024VMware vSphere Replication Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
77635EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-079)NessusWindows
high
77476Apache Tomcat 8.0.x < 8.0.11 Multiple OpenSSL VulnerabilitiesNessusWeb Servers
critical
77475Apache Tomcat 7.0.x < 7.0.55 Multiple VulnerabilitiesNessusWeb Servers
critical
77389Pivotal Web Server 5.x < 5.4.1 Multiple OpenSSL VulnerabilitiesNessusWeb Servers
medium
77332VMware OVF Tool 3.x < 3.5.2 Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
77331VMware OVF Tool 3.x < 3.5.2 Multiple OpenSSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)NessusMacOS X Local Security Checks
medium
77200OpenSSL 'ChangeCipherSpec' MiTM VulnerabilityNessusMisc.
medium
77152HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusSuSE Local Security Checks
high
77151HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusRed Hat Local Security Checks
high
77150HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusWindows
medium
77108Fedora 20 : openssl-1.0.1e-39.fc20 (2014-9308) (Heartbleed)NessusFedora Local Security Checks
high
77107Fedora 19 : openssl-1.0.1e-39.fc19 (2014-9301)NessusFedora Local Security Checks
high
77057FireEye Operating System Multiple Vulnerabilities (SB001)NessusFirewalls
medium
77020HP Systems Insight Manager 7.2.x < 7.2 Hotfix 37 / 7.3.x < 7.3 Hotfix 34 OpenSSL Multiple VulnerabilitiesNessusWindows
medium
77004Cerberus FTP Server 6.x < 6.0.10.0 / 7.x < 7.0.0.3 Multiple OpenSSL VulnerabilitiesNessusFTP
medium
77000Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10629)NessusJunos Local Security Checks
medium
76994VMware vCenter Support Assistant Multiple Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
76966VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76965VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)NessusMacOS X Local Security Checks
medium
76947VMware vCenter Converter Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76945VMware Horizon View Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76891RHEL 7 : openssl (RHSA-2014:0679)NessusRed Hat Local Security Checks
high
76864GLSA-201407-05 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
76776HP OneView < 1.10 OpenSSL Multiple Vulnerabilities (HPSBGN03068)NessusCGI abuses
medium
76769HP Smart Update Manager 6.x < 6.4.1 Multiple VulnerabilitiesNessusCGI abuses
medium
76729Oracle Linux 7 : openssl (ELSA-2014-0679)NessusOracle Linux Local Security Checks
high
76580McAfee VirusScan Enterprise for Linux Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76579McAfee Email Gateway OpenSSL Multiple Vulnerabilities (SB10075)NessusMisc.
medium
76511LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Mac OS X) (Heartbleed)NessusMacOS X Local Security Checks
medium
76510LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Heartbleed)NessusWindows
medium
76495VMware vCenter Server Appliance Multiple Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
76493Fortinet OpenSSL Multiple VulnerabilitiesNessusMisc.
medium
76457VMware Security Updates for vCenter Server (VMSA-2014-0006)NessusMisc.
medium
76456VMware Workstation < 9.0.4 / 10.0.3 OpenSSL Library Multiple Vulnerabilities (Windows)NessusWindows
medium
76455VMware Workstation < 9.0.4 / 10.0.3 OpenSSL Library Multiple Vulnerabilities (Linux)NessusGeneral
medium
76454VMware Player < 5.0.4 / 6.0.3 OpenSSL Library Multiple Vulnerabilities (Windows)NessusWindows
medium
76453VMware Player < 5.0.4 / 6.0.3 OpenSSL Library Multiple Vulnerabilities (Linux)NessusGeneral
medium
76452VMware Fusion < 5.0.5 / 6.0.4 OpenSSL Library Multiple VulnerabilitiesNessusMacOS X Local Security Checks
medium
76426VMware vCenter Chargeback Manager Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76390HP Version Control Repository Manager Multiple Vulnerabilities (HPSBMU03056)NessusWindows
medium
76368ESXi 5.0 < Build 1918656 OpenSSL Library Multiple Vulnerabilities (remote check)NessusMisc.
medium
76360VMware vCenter Operations Manager Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)NessusMisc.
medium
76356VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76355VMware vSphere Client Multiple Vulnerabilities (VMSA-2014-0006)NessusWindows
medium
76345HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple VulnerabilitiesNessusWeb Servers
medium
76203ESXi 5.1 < Build 1900470 OpenSSL Library Multiple Vulnerabilities (remote check)NessusMisc.
medium
76167WinSCP 5.x < 5.5.4 Multiple VulnerabilitiesNessusWindows
medium
76165Blue Coat ProxySG 6.5.x Multiple OpenSSL VulnerabilitiesNessusFirewalls
medium
76146McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76145McAfee ePolicy Orchestrator Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76124Junos Pulse Secure Access IVE / UAC OS Multiple OpenSSL Vulnerabilities (JSA10629)NessusMisc.
medium
75335openSUSE Security Update : OpenSSL (openSUSE-SU-2014:0592-1)NessusSuSE Local Security Checks
medium
74470ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check)NessusMisc.
medium
74468AIX OpenSSL Advisory : openssl_advisory8.docNessusAIX Local Security Checks
medium
74465VMSA-2014-0006 : VMware product updates address OpenSSL security vulnerabilitiesNessusVMware ESX Local Security Checks
high
74421stunnel < 5.02 OpenSSL Multiple VulnerabilitiesNessusWindows
medium
74364OpenSSL 1.0.1 < 1.0.1h Multiple VulnerabilitiesNessusWeb Servers
high
74350Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140605)NessusScientific Linux Local Security Checks
high
74347RHEL 6 : openssl (RHSA-2014:0625)NessusRed Hat Local Security Checks
high
74344Oracle Linux 6 : openssl (ELSA-2014-0625)NessusOracle Linux Local Security Checks
high
74341Fedora 20 : openssl-1.0.1e-38.fc20 (2014-7102)NessusFedora Local Security Checks
high
74340Fedora 19 : openssl-1.0.1e-38.fc19 (2014-7101)NessusFedora Local Security Checks
high
74334CentOS 6 : openssl (CESA-2014:0625)NessusCentOS Local Security Checks
high
74331Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2014-156-03)NessusSlackware Local Security Checks
high
74326OpenSSL 'ChangeCipherSpec' MiTM Potential VulnerabilityNessusMisc.
medium
74069Mandriva Linux Security Advisory : openssl (MDVSA-2014:090)NessusMandriva Local Security Checks
medium
73882Ubuntu 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : openssl vulnerabilities (USN-2192-1)NessusUbuntu Local Security Checks
medium
73661FreeBSD : OpenSSL -- Remote Data Injection / DoS (0b8d7194-ca88-11e3-9d8d-c80aa9043978)NessusFreeBSD Local Security Checks
medium
73599Debian DSA-2908-1 : openssl - security updateNessusDebian Local Security Checks
medium
73403OpenSSL 1.0.0 < 1.0.0m Multiple VulnerabilitiesNessusWeb Servers
high