Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable801065.PRM
HistorySep 06, 2011 - 12:00 a.m.

OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities

2011-09-0600:00:00
Tenable
www.tenable.com
10

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.305 Low

EPSS

Percentile

97.0%

JSON

Versions of OpenSSL 1.0.0 earlier than and 1.0.0e are potentially affected by the following vulnerabilities :

  • An error exists in the internal certificate verification process that can allow improper acceptance of a certificate revolcation list (CRL) if the listsโ€™s โ€˜nextUpdateโ€™ field contains a date in teh past. Note that this internal CRL checking is not enabled by defaut. (CVE-2011-3207)

  • An error exists in the code for the ephemeral (EC)DH ciphersuites that can allow a remote attacker to crash the process. (CVE-2011-3210)

Binary data 801065.prm

Related

nessus 24
freebsd 1
securityvulns 2
openvas 33
cve 2
checkpoint_advisories 2
nvd 2
oraclelinux 6
redhat 1
altlinux 5
amazon 1
fedora 8
ubuntucve 2
debiancve 2
openssl 2
prion 2
veracode 1
f5 4
cvelist 2
debian 1
ibm 8
gentoo 1
ubuntu 1
lenovo 2
nessus
nessus
FreeBSD : OpenSSL -- multiple vulnerabilities (2ecb7b20-d97e-11e0-b2e2-00215c6a37bb)
2011-09-08 00:00:00
OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities
2011-09-06 00:00:00
openSUSE Security Update : libopenssl-devel (openSUSE-SU-2011:1144-1)
2014-06-13 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2011-09-06 00:00:00
securityvulns
securityvulns
OpenSSL security vulnerabilities
2011-10-16 00:00:00
APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002
2013-06-17 00:00:00
openvas
openvas
FreeBSD Ports: openssl
2011-09-21 00:00:00
FreeBSD Ports: openssl
2011-09-21 00:00:00
Mandriva Update for openssl MDVSA-2011:137 (openssl)
2011-09-30 00:00:00
cve
cve
CVE-2011-3210
2011-09-22 10:55:03
CVE-2011-3207
2011-09-22 10:55:03
checkpoint_advisories
checkpoint_advisories
OpenSSL Handshake Sequence Cipher Suite Use-After-Free (CVE-2011-3210)
2012-05-14 00:00:00
OpenSSL Handshake Requests ECDH Use-After-Free (CVE-2011-3210)
2012-05-14 00:00:00
nvd
nvd
CVE-2011-3207
2011-09-22 10:55:03
CVE-2011-3210
2011-09-22 10:55:03
oraclelinux
oraclelinux
openssl security update
2011-10-26 00:00:00
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2016-09-27 00:00:00
redhat
redhat
(RHSA-2011:1409) Moderate: openssl security update
2011-10-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.0e-alt1
2011-09-12 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.0e-alt1
2011-09-12 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 1.0.0e-alt1
2011-09-12 00:00:00
amazon
amazon
Medium: openssl
2011-10-10 23:40:00
fedora
fedora
[SECURITY] Fedora 16 Update: openssl-1.0.0e-1.fc16
2011-09-11 01:45:41
[SECURITY] Fedora 15 Update: openssl-1.0.0g-1.fc15
2012-01-24 07:55:34
[SECURITY] Fedora 14 Update: openssl-1.0.0e-1.fc14
2011-09-10 23:55:13
ubuntucve
ubuntucve
CVE-2011-3207
2011-09-22 00:00:00
CVE-2011-3210
2011-09-22 00:00:00
debiancve
debiancve
CVE-2011-3207
2011-09-22 10:55:03
CVE-2011-3210
2011-09-22 10:55:03
openssl
openssl
Vulnerability in OpenSSL CVE-2011-3207
2011-09-06 00:00:00
Vulnerability in OpenSSL CVE-2011-3210
2011-09-06 00:00:00
prion
prion
Design/Logic Flaw
2011-09-22 10:55:00
Code injection
2011-09-22 10:55:00
veracode
veracode
CRL Validation Bypass
2020-04-10 01:07:24
f5
f5
SOL15318 - OpenSSL vulnerability CVE-2011-3207
2014-06-05 00:00:00
K15318 : OpenSSL vulnerability CVE-2011-3207
2014-06-05 00:00:00
K16834 : OpenSSL vulnerability CVE-2011-3210
2015-07-01 00:00:00
cvelist
cvelist
CVE-2011-3207
2011-09-22 10:00:00
CVE-2011-3210
2011-09-22 10:00:00
debian
debian
[BSA-060] Security Update for openssl
2011-11-14 04:20:38
ibm
ibm
Security Bulletin: IBM XIV Storage System Gen3 (CVE-2011-4619, CVE-2011-4576, CVE-2011-3210, CVE-2012-4829)
2022-09-26 04:23:14
Security Bulletin: Tivoli Management Framework affected by vulnerabilities in OpenSSL versions prior to 1.0.0
2022-09-25 23:13:40
Security Bulletin: Storage HMC OpenSSL upgrade to address cryptographic vulnerabilities.
2018-06-18 00:07:41
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2012-02-09 00:00:00
lenovo
lenovo
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.305 Low

EPSS

Percentile

97.0%

JSON
Related for 801065.PRM
nessus24freebsd1securityvulns2openvas33cve2checkpoint_advisories2nvd2oraclelinux6redhat1altlinux5amazon1fedora8ubuntucve2debiancve2openssl2prion2veracode1f54cvelist2debian1ibm8gentoo1ubuntu1lenovo2