Slackware Advisory SSA:2005-286-01 OpenSSL Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2005-286-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-286-01

Insight

New OpenSSL packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. Under certain conditions, an attacker acting as a 'man in the middle' may force a client and server to fall back to the less-secure SSL 2.0 protocol. More details about this issue may be found here: http://www.openssl.org/news/secadv_20051011.txt

Severity

Classification

CVE CVE-2005-2969

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Slackware Advisory SSA:2006-230-02 php
Slackware Advisory SSA:2006-357-02 mozilla-thunderbird
Slackware Advisory SSA:2006-357-04 koffice
Slackware Advisory SSA:2007-200-01 firefox
Slackware Advisory SSA:2005-201-01 dnsmasq

Take action and discover your vulnerabilities