openSUSE Security Update : monit (openSUSE-2016-1339) (POODLE)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for monit fixes the following issues :

- CVE-2016-7067: A malicious attacker could have used a
cross-site request forgery vulnerability to trick an
authenticated user to perform monit actions.

Monit was updated to 5.20, containing all upstream improvements and
bug fixes.

The following tracked packaging bugs were fixed :

- disable sslv3 according to RFC7568 (boo#974763)

- fixed pid file directory (boo#971647)

See also :

Solution :

Update the affected monit packages.

Risk factor :

Medium / CVSS Base Score : 4.3

Family: SuSE Local Security Checks

Nessus Plugin ID: 95272 ()

Bugtraq ID:

CVE ID: CVE-2014-3566

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now