Ubuntu Update For Openssl USN-2192-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that OpenSSL incorrectly handled memory in the ssl3_read_bytes() function. A remote attacker could use this issue to possibly cause OpenSSL to crash, resulting in a denial of service. (CVE-2010-5298) It was discovered that OpenSSL incorrectly handled memory in the do_ssl3_write() function. A remote attacker could use this issue to possibly cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-0198)

Affected

openssl on Ubuntu 14.04 LTS , Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS

Severity

Classification

CVE CVE-2010-5298, CVE-2014-0198

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-2346-1
Ubuntu Update for cups USN-2144-1
Ubuntu Update for bind9 vulnerabilities USN-888-1
Ubuntu Update for cmake vulnerabilities USN-890-6
Ubuntu Update for cups USN-2341-1

Ubuntu Update for openssl USN-2192-1

Take action and discover your vulnerabilities