SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 2175)

High Nessus Plugin ID 29543


The remote SuSE 10 host is missing a security-related patch.


A previous openssl update (CVE-2006-2940) introduced another bug that can lead to a crash by providing a large prime number. An uninitialized pointer is freed during error handling. This bug allows remote attackers to crash services that use openssl.


Apply ZYPP patch number 2175.

See Also

Plugin Details

Severity: High

ID: 29543

File Name: suse_openssl-2175.nasl

Version: $Revision: 1.11 $

Type: local

Agent: unix

Published: 2007/12/13

Modified: 2012/05/17

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2006/10/13

Reference Information

CVE: CVE-2006-2940

CWE: 399