5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7 High
AI Score
Confidence
Low
0.928 High
EPSS
Percentile
99.0%
Package : openssl
Version : 0.9.8o-4squeeze17
CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508
CVE-2014-3510
Detailed descriptions of the vulnerabilities can be found at:
https://www.openssl.org/news/secadv_20140806.txt
It's important that you upgrade the libssl0.9.8 package and not just
the openssl package.
All applications linked to openssl need to be restarted. You can use
the "checkrestart" tool from the debian-goodies package to detect
affected programs. Alternatively, you may reboot your system.
Attachment:
signature.asc
Description: Digital signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | mipsel | libssl1.0.0 | < 1.0.1e-2+deb7u12 | libssl1.0.0_1.0.1e-2+deb7u12_mipsel.deb |
Debian | 7 | kfreebsd-i386 | libcrypto1.0.0-udeb | < 1.0.1e-2+deb7u12 | libcrypto1.0.0-udeb_1.0.1e-2+deb7u12_kfreebsd-i386.deb |
Debian | 7 | mips | libssl1.0.0-dbg | < 1.0.1e-2+deb7u12 | libssl1.0.0-dbg_1.0.1e-2+deb7u12_mips.deb |
Debian | 7 | mips | libssl1.0.0 | < 1.0.1e-2+deb7u12 | libssl1.0.0_1.0.1e-2+deb7u12_mips.deb |
Debian | 7 | s390x | openssl | < 1.0.1e-2+deb7u12 | openssl_1.0.1e-2+deb7u12_s390x.deb |
Debian | 7 | armel | openssl | < 1.0.1e-2+deb7u12 | openssl_1.0.1e-2+deb7u12_armel.deb |
Debian | 7 | powerpc | libssl-dev | < 1.0.1e-2+deb7u12 | libssl-dev_1.0.1e-2+deb7u12_powerpc.deb |
Debian | 7 | kfreebsd-i386 | openssl | < 1.0.1e-2+deb7u12 | openssl_1.0.1e-2+deb7u12_kfreebsd-i386.deb |
Debian | 7 | ia64 | libssl1.0.0-dbg | < 1.0.1e-2+deb7u12 | libssl1.0.0-dbg_1.0.1e-2+deb7u12_ia64.deb |
Debian | 7 | powerpc | openssl | < 1.0.1e-2+deb7u12 | openssl_1.0.1e-2+deb7u12_powerpc.deb |