CVE-2011-4577

MEDIUM

Details

Source: MITRE

Published: 2012-01-06

Updated: 2014-03-26

Type: CWE-399

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6h:bogus:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 0.9.8r (inclusive)

Configuration 2

OR

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 1.0.0e (inclusive)

Tenable Plugins

View all (36 total)

IDNameProductFamilySeverity
137479EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2020-1637)NessusHuawei Local Security Checks
medium
89038VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check)NessusMisc.
high
80715Oracle Solaris Third-Party Patch Update : openssl (cve_2012_0050_denial_of)NessusSolaris Local Security Checks
high
79282RHEL 6 : rhev-hypervisor6 (RHSA-2012:0109)NessusRed Hat Local Security Checks
high
75908openSUSE Security Update : libopenssl-devel (openSUSE-SU-2012:0083-1)NessusSuSE Local Security Checks
medium
75598openSUSE Security Update : libopenssl-devel (openSUSE-SU-2012:0083-1)NessusSuSE Local Security Checks
medium
74901openSUSE Security Update : openssl (openSUSE-SU-2013:0336-1)NessusSuSE Local Security Checks
high
74722openSUSE Security Update : openssl (openSUSE-2012-52)NessusSuSE Local Security Checks
medium
70885ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)NessusMisc.
high
69645Amazon Linux AMI : openssl (ALAS-2012-38)NessusAmazon Linux Local Security Checks
medium
68437Oracle Linux 6 : openssl (ELSA-2012-0059)NessusOracle Linux Local Security Checks
medium
801016Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Log Correlation EngineOperating System Detection
high
801016Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Log Correlation EngineOperating System Detection
high
6857Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Nessus Network MonitorWeb Clients
critical
6857Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)Nessus Network MonitorWeb Clients
critical
66809Mac OS X Multiple Vulnerabilities (Security Update 2013-002)NessusMacOS X Local Security Checks
critical
66808Mac OS X 10.8.x < 10.8.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
63031Fedora 18 : mingw-openssl-1.0.1c-1.fc18 (2012-18035)NessusFedora Local Security Checks
high
61747VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party librariesNessusVMware ESX Local Security Checks
high
61225Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20120124)NessusScientific Linux Local Security Checks
medium
59851HP System Management Homepage < 7.1.1 Multiple VulnerabilitiesNessusWeb Servers
critical
58222GLSA-201203-12 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
57887Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : openssl vulnerabilities (USN-1357-1)NessusUbuntu Local Security Checks
high
57731CentOS 6 : openssl (CESA-2012:0059)NessusCentOS Local Security Checks
medium
57677RHEL 6 : openssl (RHSA-2012:0059)NessusRed Hat Local Security Checks
medium
57570SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7923)NessusSuSE Local Security Checks
high
57569SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 5635)NessusSuSE Local Security Checks
high
57551FreeBSD : OpenSSL -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670)NessusFreeBSD Local Security Checks
high
57546Fedora 15 : openssl-1.0.0f-1.fc15 (2012-0250)NessusFedora Local Security Checks
medium
57479Fedora 16 : openssl-1.0.0f-1.fc16 (2012-0232)NessusFedora Local Security Checks
medium
57460OpenSSL 1.x < 1.0.0f Multiple VulnerabilitiesNessusWeb Servers
medium
57459OpenSSL < 0.9.8s Multiple VulnerabilitiesNessusWeb Servers
high
801059OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
801059OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
6129OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
6129OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high