Download
| Alert*
oval:org.secpod.oval:def:1225
The host is installed with OpenSSL and is prone to lattice calculation and timing attack vulnerability. A flaw is present in elliptic curve cryptography (ECC) subsystem, which fails to properly implement curves over binary fields. Successful exploitation allow context-dependent attackers to determin ... oval:org.secpod.oval:def:600621 Several fraudulent SSL certificates have been found in the wild issued by the DigiNotar Certificate Authority, obtained through a security compromise of said company. After further updates on this incident, it has been determined that all of DigiNotar"s signing certificates can no longer be trusted. ... oval:org.secpod.oval:def:14142 The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.3, Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to pro ... oval:org.secpod.oval:def:700763 openssl: Secure Socket Layer binary and related cryptographic tools Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. oval:org.secpod.oval:def:301080 A vulnerability was discovered and corrected in openssl: The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easi ... oval:org.secpod.oval:def:301099 Multiple vulnerabilities has been discovered and corrected in openssl: The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which ... oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... |