The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-120:02 advisory.

    The OpenSSL toolkit provides support for secure communications between     machines. OpenSSL includes a certificate management tool and shared     libraries which provide various cryptographic algorithms and     protocols.
    Security issues fixed with this release:
    CVE-2015-3197     ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f     does not prevent use of disabled ciphers, which makes it easier for     man-in-the-middle attackers to defeat cryptographic protection     mechanisms by performing computations on SSLv2 traffic, related to the     get_client_master_key and get_client_hello functions.
    CVE-2016-0702
    ** RESERVED **     This candidate has been reserved by an organization or individual that     will use it when announcing a new security problem.  When the     candidate has been publicized, the details for this candidate will be     provided.
    CVE-2016-0705
    ** RESERVED **     This candidate has been reserved by an organization or individual that     will use it when announcing a new security problem.  When the     candidate has been publicized, the details for this candidate will be     provided.
    CVE-2016-0797
    ** RESERVED **     This candidate has been reserved by an organization or individual that     will use it when announcing a new security problem.  When the     candidate has been publicized, the details for this candidate will be     provided.
    CVE-2016-0800
    ** RESERVED **     This candidate has been reserved by an organization or individual that     will use it when announcing a new security problem.  When the     candidate has been publicized, the details for this candidate will be     provided.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

CVE-2015-3197: A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2.

Additionally, when using a DHE cipher suite a new DH key will always be generated for each connection.

This will be the last security update for the squeeze version of the package. The 0.9.8 version is no longer supported and the squeeze LTS support will end soon. If you are using openssl you should upgrade to wheezy or preferably jessie. The version in those versions contain many security improvements.

Kurt Roeckx

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

OpenSSL project reports :

- Historically OpenSSL only ever generated DH parameters based on 'safe' primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be 'safe'.
Where an application is using DH configured with parameters based on primes that are not 'safe' then an attacker could use this fact to find a peer's private DH exponent. This attack requires that the attacker complete multiple handshakes in which the peer uses the same private DH exponent. For example this could be used to discover a TLS server's private DH exponent if it's reusing the private DH exponent or it's using a static DH ciphersuite. OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in TLS. It is not on by default. If the option is not set then the server reuses the same private DH exponent for the life of the server process and would be vulnerable to this attack. It is believed that many popular applications do set this option and would therefore not be at risk.
(CVE-2016-0701)

- A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. (CVE-2015-3197)

The version of OpenSSL installed on the remote AIX host is affected by the following vulnerabilities :

  - A cipher algorithm downgrade vulnerability exists due to     a flaw that is triggered when handling cipher     negotiation. A remote attacker can exploit this to     negotiate SSLv2 ciphers and complete SSLv2 handshakes     even if all SSLv2 ciphers have been disabled on the     server. Note that this vulnerability only exists if the     SSL_OP_NO_SSLv2 option has not been disabled.
    (CVE-2015-3197)

  - A man-in-the-middle vulnerability, known as Logjam,     exists due to a flaw in the SSL/TLS protocol. A remote     attacker can exploit this flaw to downgrade connections     using ephemeral Diffie-Hellman key exchange to 512-bit     export-grade cryptography. (CVE-2015-4000)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0303 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)     and Transport Layer Security (TLS v1) protocols, as well as a     full-strength, general purpose cryptography library.

    A padding oracle flaw was found in the Secure Sockets Layer version 2.0     (SSLv2) protocol. An attacker can potentially use this flaw to decrypt     RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol     version, allowing them to decrypt such connections. This cross-protocol     attack is publicly referred to as DROWN. (CVE-2016-0800)

    Note: This issue was addressed by disabling the SSLv2 protocol by default     when using the 'SSLv23' connection methods, and removing support for weak     SSLv2 cipher suites. For more information, refer to the knowledge base     article linked to in the References section.

    It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2     connection handshakes that indicated non-zero clear key length for     non-export cipher suites. An attacker could use this flaw to decrypt     recorded SSLv2 sessions with the server by using it as a decryption     oracle.(CVE-2016-0703)

    It was discovered that the SSLv2 protocol implementation in OpenSSL did     not properly implement the Bleichenbacher protection for export cipher     suites. An attacker could use a SSLv2 server using OpenSSL as a     Bleichenbacher oracle. (CVE-2016-0704)

    Note: The CVE-2016-0703 and CVE-2016-0704 issues could allow for more     efficient exploitation of the CVE-2016-0800 issue via the DROWN attack.

    A denial of service flaw was found in the way OpenSSL handled SSLv2     handshake messages. A remote attacker could use this flaw to cause a     TLS/SSL server using OpenSSL to exit on a failed assertion if it had both     the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)

    A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2     ciphers that have been disabled on the server. This could result in weak     SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to     man-in-the-middle attacks. (CVE-2015-3197)

    Red Hat would like to thank the OpenSSL project for reporting these issues.
    Upstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original     reporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of     Michigan) and J. Alex Halderman (University of Michigan) as the original     reporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and     Emilia Ksper (OpenSSL development team) as the original reporters of     CVE-2015-0293.

    All openssl users are advised to upgrade to these updated packages, which     contain backported patches to correct these issues. For the update to take     effect, all services linked to the OpenSSL library must be restarted, or     the system rebooted.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections.
This cross-protocol attack is publicly referred to as DROWN.
(CVE-2016-0800)

It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non- export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle.(CVE-2016-0703)

It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle. (CVE-2016-0704)

Note: The CVE-2016-0703 and CVE-2016-0704 issues could allow for more efficient exploitation of the CVE-2016-0800 issue via the DROWN attack.

A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.
(CVE-2015-0293)

A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197)

For the update to take effect, all services linked to the openssl098e library must be restarted, or the system rebooted.

Update to latest openssl which fixes various CVE's

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote OracleVM system is missing necessary patches to address critical security updates :

  - fix CVE-2016-0702 - side channel attack on modular     exponentiation

  - fix CVE-2016-0705 - double-free in DSA private key     parsing

  - fix CVE-2016-0797 - heap corruption in BN_hex2bn and     BN_dec2bn

  - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement

  - disable SSLv2 in the generic TLS method

The Oracle VM VirtualBox application installed on the remote host is a version prior to 4.3.36 or 5.0.18. It is, therefore, affected by an unspecified flaw in the Core subcomponent that allows a local attacker to gain elevated privileges. Additionally, multiple vulnerabilities exist in the bundled version of OpenSSL :

  - A flaw exists in the ssl3_get_key_exchange() function     in file s3_clnt.c when handling a ServerKeyExchange     message for an anonymous DH ciphersuite with the value     of 'p' set to 0. A attacker can exploit this, by causing     a segmentation fault, to crash an application linked     against the library, resulting in a denial of service.
    (CVE-2015-1794)

  - A carry propagating flaw exists in the x86_64 Montgomery     squaring implementation that may cause the BN_mod_exp()     function to produce incorrect results. An attacker can     exploit this to obtain sensitive information regarding     private keys. (CVE-2015-3193)

  - A NULL pointer dereference flaw exists in file     rsa_ameth.c due to improper handling of ASN.1 signatures     that are missing the PSS parameter. A remote attacker     can exploit this to cause the signature verification     routine to crash, resulting in a denial of service     condition. (CVE-2015-3194)

  - A flaw exists in the ASN1_TFLG_COMBINE implementation in     file tasn_dec.c related to handling malformed     X509_ATTRIBUTE structures. A remote attacker can exploit     this to cause a memory leak by triggering a decoding     failure in a PKCS#7 or CMS application, resulting in a     denial of service. (CVE-2015-3195)

  - A race condition exists in s3_clnt.c that is triggered     when PSK identity hints are incorrectly updated in the     parent SSL_CTX structure when they are received by a     multi-threaded client. A remote attacker can exploit     this, via a crafted ServerKeyExchange message, to cause     a double-free memory error, resulting in a denial of     service. (CVE-2015-3196)

  - A cipher algorithm downgrade vulnerability exists due to     a flaw that is triggered when handling cipher     negotiation. A remote attacker can exploit this to     negotiate SSLv2 ciphers and complete SSLv2 handshakes     even if all SSLv2 ciphers have been disabled on the     server. Note that this vulnerability only exists if the     SSL_OP_NO_SSLv2 option has not been disabled.
    (CVE-2015-3197)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.12. It is, therefore, affected by multiple vulnerabilities :

  - A cipher algorithm downgrade vulnerability exists in the     bundled version of OpenSSL due to a flaw that is     triggered when handling cipher negotiation. A remote     attacker can exploit this to negotiate SSLv2 ciphers and     complete SSLv2 handshakes even if all SSLv2 ciphers have     been disabled on the server. Note that this     vulnerability only exists if the SSL_OP_NO_SSLv2 option     has not been disabled. (CVE-2015-3197)

  - An unspecified flaw exists in the Pluggable     Authentication subcomponent that allows an     unauthenticated, remote attacker to execute arbitrary     code. (CVE-2016-0639)

  - An unspecified flaw exists in the Federated subcomponent     that allows an authenticated, remote attacker to impact     integrity and availability. (CVE-2016-0642)

  - An unspecified flaw exists in the DML subcomponent that     allows an authenticated, remote attacker to disclose     sensitive information. (CVE-2016-0643)

  - An unspecified flaw exists in the FTS subcomponent that     allows an authenticated, remote attacker to cause a     denial of service condition. (CVE-2016-0647)

  - An unspecified flaw exists in the PS subcomponent that     allows an authenticated, remote attacker to cause a     denial of service condition. (CVE-2016-0647)

  - An unspecified flaw exists in the InnoDB subcomponent     that allows an authenticated, remote attacker to cause a     denial of service condition. (CVE-2016-0655)

  - An unspecified flaw exists in the JSON subcomponent that     allows an authenticated, remote attacker to disclose     sensitive information. (CVE-2016-0657)

  - An unspecified flaw exists in the Optimizer subcomponent     that allows an authenticated, remote attacker to cause a     denial of service condition. (CVE-2016-0659)

  - An unspecified flaw exists in the Partition subcomponent     that allows an authenticated, remote attacker to cause a     denial of service condition. (CVE-2016-0662)

  - An unspecified flaw exists in the Security: Privileges     subcomponent that allows an authenticated, remote     attacker to cause a denial of service condition.
    (CVE-2016-0666)

  - An unspecified flaw exists in the Locking subcomponent     that allows an authenticated, remote attacker to cause a     denial of service condition. (CVE-2016-0667)

  - A key disclosure vulnerability exists in the bundled     version of OpenSSL due to improper handling of     cache-bank conflicts on the Intel Sandy-bridge     microarchitecture. An attacker can exploit this to gain     access to RSA key information. (CVE-2016-0702)

  - A double-free error exists in the bundled version of     OpenSSL due to improper validation of user-supplied     input when parsing malformed DSA private keys. A remote     attacker can exploit this to corrupt memory, resulting     in a denial of service condition or the execution of     arbitrary code. (CVE-2016-0705)

  - A NULL pointer dereference flaw exists in the bundled     version of OpenSSL in the BN_hex2bn() and BN_dec2bn()     functions. A remote attacker can exploit this to trigger     a heap corruption, resulting in the execution of     arbitrary code. (CVE-2016-0797)

  - A denial of service vulnerability exists in the bundled     version of OpenSSL due to improper handling of invalid     usernames. A remote attacker can exploit this, via a     specially crafted username, to leak 300 bytes of memory     per connection, exhausting available memory resources.
    (CVE-2016-0798)

  - Multiple memory corruption issues exist in the bundled     version of OpenSSL that allow a remote attacker to cause     a denial of service condition or the execution of     arbitrary code. (CVE-2016-0799)

  - A flaw exists in the bundled version of OpenSSL that     allows a cross-protocol Bleichenbacher padding oracle     attack known as DROWN (Decrypting RSA with Obsolete and     Weakened eNcryption). This vulnerability exists due to a     flaw in the Secure Sockets Layer Version 2 (SSLv2)     implementation, and it allows captured TLS traffic to be     decrypted. A man-in-the-middle attacker can exploit this     to decrypt the TLS connection by utilizing previously     captured traffic and weak cryptography along with a     series of specially crafted connections to an SSLv2     server that uses the same private key. (CVE-2016-0800)

  - A man-in-the-middle spoofing vulnerability exists due to     the server hostname not being verified to match a domain     name in the Subject's Common Name (CN) or SubjectAltName     field of the X.509 certificate. A man-in-the-middle     attacker can exploit this, by spoofing the TLS/SSL     server via a certificate that appears valid, to disclose     sensitive information or manipulate transmitted data.
    (CVE-2016-2047)

  - An unspecified flaw exists in the Optimizer subcomponent     that allow an authenticated, remote attacker to cause a     denial of service condition. (CVE-2017-10378)

  - A flaw exists related to certificate validation due to     the server hostname not being verified to match a domain     name in the X.509 certificate. A man-in-the-middle     attacker can exploit this, by spoofing the TLS/SSL     server via a certificate that appears valid, to disclose     sensitive information or manipulate data.

  - An integer overflow condition exists that is triggered     due to improper validation of user-supplied input when     processing client handshakes. An authenticated, remote     attacker can exploit this to cause the server to exit,     resulting in a denial of service condition.

  - An information disclosure vulnerability exists due to     overly verbose error messages returning part of the SQL     statement that produced them. An authenticated, remote     attacker can exploit this to disclose sensitive     information.

  - A flaw exists in InnoDB that is triggered during the     handling of an ALTER TABLE or ADD COLUMN operation on a     table with virtual columns. An authenticated, remote     attacker can exploit this to crash the server, resulting     in a denial of service condition.

According to its self-reported version number, the remote Juniper Junos device is affected by the following vulnerabilities related to OpenSSL :

  - A flaw exists in the ssl3_get_key_exchange() function     in file s3_clnt.c when handling a ServerKeyExchange     message for an anonymous DH ciphersuite with the value     of 'p' set to 0. A attacker can exploit this, by causing     a segmentation fault, to crash an application linked     against the library, resulting in a denial of service.
    (CVE-2015-1794)

  - A carry propagating flaw exists in the x86_64 Montgomery     squaring implementation that may cause the BN_mod_exp()     function to produce incorrect results. An attacker can     exploit this to obtain sensitive information regarding     private keys. (CVE-2015-3193)

  - A NULL pointer dereference flaw exists in file     rsa_ameth.c due to improper handling of ASN.1 signatures     that are missing the PSS parameter. A remote attacker     can exploit this to cause the signature verification     routine to crash, resulting in a denial of service     condition. (CVE-2015-3194)

  - A flaw exists in the ASN1_TFLG_COMBINE implementation in     file tasn_dec.c related to handling malformed     X509_ATTRIBUTE structures. A remote attacker can exploit     this to cause a memory leak by triggering a decoding     failure in a PKCS#7 or CMS application, resulting in a     denial of service. (CVE-2015-3195)

  - A race condition exists in s3_clnt.c that is triggered     when PSK identity hints are incorrectly updated in the     parent SSL_CTX structure when they are received by a     multi-threaded client. A remote attacker can exploit     this, via a crafted ServerKeyExchange message, to cause     a double-free memory error, resulting in a denial of     service. (CVE-2015-3196)

  - A cipher algorithm downgrade vulnerability exists due to     a flaw that is triggered when handling cipher     negotiation. A remote attacker can exploit this to     negotiate SSLv2 ciphers and complete SSLv2 handshakes     even if all SSLv2 ciphers have been disabled on the     server. Note that this vulnerability only exists if the     SSL_OP_NO_SSLv2 option has not been disabled.
    (CVE-2015-3197)

  - A key disclosure vulnerability exists due to improper     handling of cache-bank conflicts on the Intel     Sandy-bridge microarchitecture. An attacker can exploit     this to gain access to RSA key information.
    (CVE-2016-0702)

  - A flaw exists in the SSLv2 implementation,     specifically in the get_client_master_key() function     within file s2_srvr.c, due to accepting a nonzero     CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an     arbitrary cipher. A man-in-the-middle attacker can     exploit this to determine the MASTER-KEY value and     decrypt TLS ciphertext by leveraging a Bleichenbacher     RSA padding oracle. (CVE-2016-0703)

  - A flaw exists in the SSLv2 oracle protection mechanism,     specifically in the get_client_master_key() function     within file s2_srvr.c, due to incorrectly overwriting     MASTER-KEY bytes during use of export cipher suites.
    A remote attackers can exploit this to more easily     decrypt TLS ciphertext by leveraging a Bleichenbacher     RSA padding oracle. (CVE-2016-0704)

  - A double-free error exists due to improper validation of     user-supplied input when parsing malformed DSA private     keys. A remote attacker can exploit this to corrupt     memory, resulting in a denial of service condition or     the execution of arbitrary code. (CVE-2016-0705)

  - A NULL pointer dereference flaw exists in the     BN_hex2bn() and BN_dec2bn() functions. A remote attacker     can exploit this to trigger a heap corruption, resulting     in the execution of arbitrary code. (CVE-2016-0797)

  - A denial of service vulnerability exists due to improper     handling of invalid usernames. A remote attacker can     exploit this, via a specially crafted username, to leak     300 bytes of memory per connection, exhausting available     memory resources. (CVE-2016-0798)

  - Multiple memory corruption issues exist that allow a     remote attacker to cause a denial of service condition     or the execution of arbitrary code. (CVE-2016-0799)

  - A heap buffer overflow condition exists in the     EVP_EncodeUpdate() function within file     crypto/evp/encode.c that is triggered when handling     a large amount of input data. An unauthenticated, remote     attacker can exploit this to cause a denial of service     condition. (CVE-2016-2105)

  - A heap buffer overflow condition exists in the     EVP_EncryptUpdate() function within file     crypto/evp/evp_enc.c that is triggered when handling a     large amount of input data after a previous call occurs     to the same function with a partial block. An     unauthenticated, remote attacker can exploit this to     cause a denial of service condition. (CVE-2016-2106)

  - A remote code execution vulnerability exists in the     ASN.1 encoder due to an underflow condition that occurs     when attempting to encode the value zero represented as     a negative integer. An unauthenticated, remote attacker     can exploit this to corrupt memory, resulting in the     execution of arbitrary code. (CVE-2016-2108)

  - Multiple unspecified flaws exist in the d2i BIO     functions when reading ASN.1 data from a BIO due to     invalid encoding causing a large allocation of memory.
    An unauthenticated, remote attacker can exploit these to     cause a denial of service condition through resource     exhaustion. (CVE-2016-2109)

  - Multiple integer overflow conditions exist in s3_srvr.c,     ssl_sess.c, and t1_lib.c due to improper use of pointer     arithmetic for heap-buffer boundary checks. An     unauthenticated, remote attacker can exploit this to     cause a denial of service. (CVE-2016-2177)

  - An information disclosure vulnerability exists in the     dsa_sign_setup() function in dsa_ossl.c due to a failure     to properly ensure the use of constant-time operations.
    An unauthenticated, remote attacker can exploit this,     via a timing side-channel attack, to disclose DSA key     information. (CVE-2016-2178)

  - An out-of-bounds read error exists in the X.509 Public     Key Infrastructure Time-Stamp Protocol (TSP)     implementation. An unauthenticated, remote attacker can     exploit this, via a crafted time-stamp file that is     mishandled by the 'openssl ts' command, to cause     denial of service or to disclose sensitive information.
    (CVE-2016-2180)

  - An overflow condition exists in the BN_bn2dec() function     in bn_print.c due to improper validation of     user-supplied input when handling BIGNUM values. An     unauthenticated, remote attacker can exploit this to     crash the process. (CVE-2016-2182)

  - A vulnerability exists, known as SWEET32, in the 3DES     and Blowfish algorithms due to the use of weak 64-bit     block ciphers by default. A man-in-the-middle attacker     who has sufficient resources can exploit this     vulnerability, via a 'birthday' attack, to detect a     collision that leaks the XOR between the fixed secret     and a known plaintext, allowing the disclosure of the     secret text, such as secure HTTPS cookies, and possibly     resulting in the hijacking of an authenticated session.
    (CVE-2016-2183)

  - A flaw exists in the tls_decrypt_ticket() function in     t1_lib.c due to improper handling of ticket HMAC     digests. An unauthenticated, remote attacker can exploit     this, via a ticket that is too short, to crash the     process, resulting in a denial of service.
    (CVE-2016-6302)

  - An integer overflow condition exists in the     MDC2_Update() function in mdc2dgst.c due to improper     validation of user-supplied input. An unauthenticated,     remote attacker can exploit this to cause a heap-based     buffer overflow, resulting in a denial of service     condition or possibly the execution of arbitrary code.
    (CVE-2016-6303)

  - A flaw exists in the ssl_parse_clienthello_tlsext()     function in t1_lib.c due to improper handling of overly     large OCSP Status Request extensions from clients. An     unauthenticated, remote attacker can exploit this, via     large OCSP Status Request extensions, to exhaust memory     resources, resulting in a denial of service condition.
    (CVE-2016-6304)

  - A flaw exists in the SSL_peek() function in     rec_layer_s3.c due to improper handling of empty     records. An unauthenticated, remote attacker can exploit     this, by triggering a zero-length record in an SSL_peek     call, to cause an infinite loop, resulting in a denial     of service condition. (CVE-2016-6305)

  - An out-of-bounds read error exists in the certificate     parser that allows an unauthenticated, remote attacker     to cause a denial of service via crafted certificate     operations. (CVE-2016-6306)

  - A denial of service vulnerability exists in the     state-machine implementation due to a failure to check     for an excessive length before allocating memory. An     unauthenticated, remote attacker can exploit this, via a     crafted TLS message, to exhaust memory resources.
    (CVE-2016-6307)

Note that these issues only affects devices with J-Web or the SSL service for JUNOScript enabled.

ID	Name	Product	Family	Published	Updated	Severity
289938	MiracleLinux 7 : openssl-1.0.1e-51.el7.4 (AXSA:2016-120:02)	Nessus	Miracle Linux Local Security Checks	1/16/2026	1/16/2026	critical
88863	Debian DLA-421-1 : openssl security update	Nessus	Debian Local Security Checks	2/22/2016	1/11/2021	medium
88465	FreeBSD : openssl -- multiple vulnerabilities (3679fd10-c5d1-11e5-b85f-0018fe623f2b)	Nessus	FreeBSD Local Security Checks	1/29/2016	1/4/2021	medium
89829	AIX OpenSSL Advisory : openssl_advisory17.asc (Logjam)	Nessus	AIX Local Security Checks	3/10/2016	4/21/2023	medium
89069	RHEL 6 : openssl (RHSA-2016:0303)	Nessus	Red Hat Local Security Checks	3/2/2016	4/15/2025	medium
89825	Scientific Linux Security Update : openssl098e on SL6.x, SL7.x i386/x86_64 (20160309) (DROWN)	Nessus	Scientific Linux Local Security Checks	3/10/2016	1/14/2021	medium
92158	Fedora 24 : mingw-openssl (2016-c558e58b21)	Nessus	Fedora Local Security Checks	7/14/2016	2/2/2026	critical
89066	OracleVM 3.3 : openssl (OVMSA-2016-0031)	Nessus	OracleVM Local Security Checks	3/2/2016	1/4/2021	critical
90680	Oracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU)	Nessus	Misc.	4/22/2016	5/5/2026	medium
90684	MySQL 5.7.x < 5.7.12 Multiple Vulnerabilities (DROWN)	Nessus	Databases	4/22/2016	11/19/2019	critical
96316	Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32)	Nessus	Junos Local Security Checks	1/5/2017	1/6/2026	critical

Detections

Analytics

Plugins Search

critical

medium

medium

medium

medium

medium

critical

critical

medium

critical

critical