Debian DSA-1379-1 : openssl - off-by-one error/buffer overflow
critical Nessus Plugin ID 26209
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
The remote Debian host is missing a security-related update.Description
An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application.Solution
Upgrade the openssl packages.For the old stable distribution (sarge), this problem has been fixed in version 0.9.7e-3sarge5.
For the stable distribution (etch), this problem has been fixed in version 0.9.8c-4etch1.
For the unstable and testing distributions (sid and lenny, respectively), this problem has been fixed in version 0.9.8e-9.
See Also
Plugin Details
Severity: Critical
ID: 26209
File Name: debian_DSA-1379.nasl
Version: 1.25
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 10/3/2007
Updated: 1/4/2021
Dependencies: ssh_get_info.nasl
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:openssl, cpe:/o:debian:debian_linux:3.1, cpe:/o:debian:debian_linux:4.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Patch Publication Date: 10/2/2007
Reference Information
CVE: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4343, CVE-2007-5135