Slackware Advisory SSA:2004-077-01 OpenSSL Security Update Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-077-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-077-01

Insight

Upgraded OpenSSL packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two potential denial-of-service issues in earlier versions of OpenSSL. We recommend sites that use OpenSSL upgrade to the fixed packages right away. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0112

Severity

Classification

CVE CVE-2004-0079, CVE-2004-0112

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Slackware Advisory SSA:2003-141-03 glibc XDR overflow fix
Slackware Advisory SSA:2006-178-02 gnupg DoS
Slackware Advisory SSA:2006-130-01 Apache httpd redux
Slackware Advisory SSA:2005-283-01 xine-lib
Slackware Advisory SSA:2006-313-01 firefox/thunderbird/seamonkey

Slackware Advisory SSA:2004-077-01 OpenSSL security update

Take action and discover your vulnerabilities