This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The remote OracleVM host is missing a security update.
The remote OracleVM system is missing necessary patches to address
critical security updates :
- add support for fallback SCSV to partially mitigate
(CVE-2014-3566) (padding attack on SSL3)
- fix CVE-2014-0221 - recursion in DTLS code leading to
- fix CVE-2014-3505 - doublefree in DTLS packet processing
- fix CVE-2014-3506 - avoid memory exhaustion in DTLS
- fix CVE-2014-3508 - fix OID handling to avoid
- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling
- fix for CVE-2014-0224 - SSL/TLS MITM vulnerability
- replace expired GlobalSign Root CA certificate in
See also :
Update the affected openssl package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.3
Public Exploit Available : true
Family: OracleVM Local Security Checks
Nessus Plugin ID: 79554 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now