Ubuntu Update For Openssl Vulnerabilities USN-1029-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1029-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. (CVE-2010-4180) It was discovered that an old bug workaround in the SSL/TLS server code allowed allowed an attacker to modify the stored session cache ciphersuite. An attacker could possibly take advantage of this to force the use of a disabled cipher. This vulnerability only affects the versions of OpenSSL in Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. (CVE-2008-7270)

Affected

openssl vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 8.04 LTS , Ubuntu 9.10 , Ubuntu 10.04 LTS , Ubuntu 10.10

Severity

Classification

CVE CVE-2008-7270, CVE-2010-4180

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for dovecot USN-1295-1
Ubuntu Update for apache2 USN-1368-1
Ubuntu Update for dbus USN-1176-1
Ubuntu Update for apache2 USN-1903-1
Ubuntu Update for curl USN-2167-1

Ubuntu Update for openssl vulnerabilities USN-1029-1

Take action and discover your vulnerabilities