SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 5055)
Medium Nessus Plugin ID 31392
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis update of openssl fixes a off-by-one buffer overflow in function SSL_get_shared_ciphers(). This vulnerability potentially allows remote code execution; depending on memory layout of the process.
We released updates for openssl already, but an update for the compat 0.9.7g openssl libraries was missing and is provided with this patch.
SolutionApply ZYPP patch number 5055.