
Vulnerability Bulletins


Multiple vulnerabilities in OpenSSL

Vulnerability classification

Confidence level: Official
Impact: Denial of service
Difficulty: Advanced
Attacker requirements: Remote access without an account to a standard service

System information

Affected vendor: GNU/Linux
Affected software:
OpenSSL 0.9.6c - 0.9.6l
OpenSSL 0.9.7a - 0.9.7c
NetScreen IVE
NetScreen IDP 2.0 - 2.1r6
Cisco IOS 12.1E > 12.1(11)E - 7100 & 7200 Series Routers. Crypto images 56i & k2.
Cisco IOS 12.2SY & 12.2ZA - Cisco Catalyst 6500 Series & Cisco 7600 Series Routers. Crypto images k8, k9 & k91.
Cisco PIX Firewall
Cisco Firewall Services Module (FWSM)
Cisco MDS 9000 Series Multilayer Switch
Cisco Content Service Switch (CSS) 11000 & 11500 series
Cisco Global Site Selector (GSS) 4480 & 4490
Cisco Content Service Switch (CSS) Secure Content Accelerator versions 1 & 2
CiscoWorks Common Services (CWCS) version 2.2
CiscoWorks Common Management Foundation (CMF) version 2.1
Cisco Access Registrar (CAR)
Cisco Call Manager (CCM)
Cisco Okena Stormwatch 3.2
Cisco Application & Content Networking Software (ACNS)
Cisco Threat Response (CTR)
Check Point VPN-1/FireWall-1 NG
Check Point VPN-1/FireWall-1 VSX NG - Application Intelligence
Check Point Provider-1 NG
Check Point FireWall-1 GX v2.0
Sun Crypto Accelerator 500
Sun Crypto Accelerator 1000 v1.0
Sun Crypto Accelerator 1000 v1.1
Sun Crypto Accelerator 4000 v1.0
HP-UX AAA Server A.06.01.02.04
HP-UX AAA Server A.06.01.02.06
hp-ux apache-based web server <=2.0.43.04
hp-ux apache-based web server <=v.2.01
hp-ux apache-based web server (IPv6) <=2.0.43.04
hp-ux apache-based web server (IPv6) <=v.2.01
HP WBEM Services <= A.01.05.08
HP WBEM Services A.02.00.00
HP WBEM Services A.02.00.01
Novell eDirectory

Description

Multiple vulnerabilities have been discovered in OpenSSL versions 0.9.6c through 0.9.6l and 0.9.7a through 0.9.7c. The vulnerabilities lie in the implementation of the TLS and SSL protocols, which are used to provide secure services to a large number of applications.

1.- CAN-2004-0079: Null-pointer assignment in the do_change_cipher_spec function. A remote attacker could exploit this vulnerability through a specially crafted SSL/TLS handshake against an application that uses OpenSSL, which would crash OpenSSL and, depending on the application using the library, cause a denial of service. The OpenSSL versions affected by this vulnerability are 0.9.6c through 0.9.6k and 0.9.7a through 0.9.7c.

2.- CAN-2004-0112: Vulnerability in the SSL/TLS handshake code when Kerberos ciphersuites are used. A remote attacker could exploit this vulnerability through a specially crafted SSL/TLS handshake against an application that uses OpenSSL and supports Kerberos ciphersuites, which would crash OpenSSL. Note, however, that most applications using OpenSSL do not use Kerberos ciphersuites and are therefore not affected by this vulnerability. The OpenSSL versions affected by this vulnerability are 0.9.7a, 0.9.7b and 0.9.7c.

3.- CAN-2004-0081: Vulnerability in older versions of OpenSSL 0.9.6 whose exploitation can lead to a denial of service due to an infinite loop.
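The following is an added example, not part of the original bulletin or of OpenSSL: a triage helper that maps an OpenSSL version string to the affected ranges stated above and to the fixed releases 0.9.6m and 0.9.7d listed in the solution section. The function names and status labels are assumptions made for this example, and the sample strings in the demo are constructed.

```python
import re

# Affected ranges exactly as stated in the bulletin text (inclusive bounds).
# CAN-2004-0081 is left out: the bulletin gives no version range for it,
# only "older versions of OpenSSL 0.9.6".
BULLETIN_RANGES = {
    "CAN-2004-0079": [("0.9.6c", "0.9.6k"), ("0.9.7a", "0.9.7c")],
    "CAN-2004-0112": [("0.9.7a", "0.9.7c")],
}
# Fixed upstream releases from the bulletin's solution section, per branch.
FIXED_RELEASES = {(0, 9, 6): "0.9.6m", (0, 9, 7): "0.9.7d"}

# major.minor.fix, optional patch letter(s), optional package revision.
_VERSION_RE = re.compile(
    r"(\d+)\.(\d+)\.(\d+)((?:z[a-z]|[a-z])?)(?![a-z])(-\S+)?"
)


def _letter_rank(letters):
    """Order patch letters: '' < 'a' < ... < 'z' < 'za' < 'zb' ..."""
    if not letters:
        return 0
    if len(letters) == 1:
        return ord(letters) - ord("a") + 1
    return 26 + ord(letters[1]) - ord("a") + 1


def parse_version(text):
    """Return (sortable key, package revision or None) for a version string."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError("no OpenSSL-style version found in %r" % text)
    major, minor, fix = (int(m.group(i)) for i in (1, 2, 3))
    return (major, minor, fix, _letter_rank(m.group(4))), m.group(5)


def assess(text):
    """Classify one version string against the bulletin's data."""
    key, revision = parse_version(text)
    matches = [
        can
        for can, ranges in BULLETIN_RANGES.items()
        if any(parse_version(lo)[0] <= key <= parse_version(hi)[0]
               for lo, hi in ranges)
    ]
    fixed = FIXED_RELEASES.get(key[:3])
    if revision:
        # Distribution packages keep the upstream version string when a fix
        # is backported: the bulletin lists Debian's 0.9.6c-2.woody.6 as a
        # fixed package. Compare the package revision with the vendor
        # advisory instead of trusting the upstream number.
        status = "check-vendor-package"
    elif matches:
        status = "affected"
    elif fixed and key < parse_version(fixed)[0]:
        # Not inside a per-CAN range given in the text, but older than the
        # fixed release of its branch (for example 0.9.6l, or 0.9.6 releases
        # that may fall under CAN-2004-0081).
        status = "below-fixed-release"
    else:
        status = "not-listed"
    return {"matches": matches, "status": status}


if __name__ == "__main__":
    # Constructed sample inputs: banner text, bare versions, package names.
    for sample in (
        "OpenSSL 0.9.7a 19 Feb 2003",
        "0.9.6k",
        "0.9.6l",
        "0.9.6m",
        "0.9.6c-2.woody.6",
    ):
        print(sample, "->", assess(sample))
```
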

Solution

Software update

OpenSSL
OpenSSL 0.9.7d
ftp://ftp.openssl.org/source/openssl-0.9.7d.tar.gz
OpenSSL 0.9.6m
ftp://ftp.openssl.org/source/openssl-0.9.6m.tar.gz
ftp://ftp.openssl.org/source/openssl-engine-0.9.6m.tar.gz

Debian Linux

Debian Linux 3.0
Sources
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6.dsc
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6.diff.gz
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c.orig.tar.gz
http://security.debian.org/pool/updates/main/o/openssl094/openssl094_0.9.4-6.woody.3.dsc
http://security.debian.org/pool/updates/main/o/openssl094/openssl094_0.9.4-6.woody.3.diff.gz
http://security.debian.org/pool/updates/main/o/openssl094/openssl094_0.9.4.orig.tar.gz
http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a-6.woody.5.dsc
http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a-6.woody.5.diff.gz
http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a.orig.tar.gz
Architecture-independent packages
http://security.debian.org/pool/updates/main/o/openssl/ssleay_0.9.6c-2.woody.6_all.deb
Alpha
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_alpha.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_alpha.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_alpha.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_alpha.deb
ARM
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_arm.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_arm.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_arm.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_i386.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_i386.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_i386.deb
http://security.debian.org/pool/updates/main/o/openssl094/libssl09_0.9.4-6.woody.3_i386.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_ia64.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_ia64.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_hppa.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_hppa.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_m68k.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_m68k.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_m68k.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_mips.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_mips.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_mips.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.5_mipsel.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.5_mipsel.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.5_mipsel.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_powerpc.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_powerpc.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_powerpc.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_s390.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_s390.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.6c-2.woody.6_sparc.deb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.6_0.9.6c-2.woody.6_sparc.deb
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.6c-2.woody.6_sparc.deb
http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.5_sparc.deb

RedHat Linux

RedHat Linux 9
SRPMS
ftp://updates.redhat.com/9/en/os/SRPMS/openssl-0.9.7a-20.2.src.rpm
ftp://updates.redhat.com/9/en/os/SRPMS/openssl096-0.9.6-25.9.src.rpm
ftp://updates.redhat.com/9/en/os/SRPMS/openssl096b-0.9.6b-15.src.rpm
i386
ftp://updates.redhat.com/9/en/os/i386/openssl-0.9.7a-20.2.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-devel-0.9.7a-20.2.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl-perl-0.9.7a-20.2.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl096-0.9.6-25.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssl096b-0.9.6b-15.i386.rpm
i686
ftp://updates.redhat.com/9/en/os/i686/openssl-0.9.7a-20.2.i686.rpm

Red Hat Enterprise Linux AS (v. 3)
AMD64
openssl-0.9.7a-33.4.x86_64.rpm
openssl-devel-0.9.7a-33.4.x86_64.rpm
openssl096b-0.9.6b-16.x86_64.rpm
SRPMS
openssl-0.9.7a-33.4.src.rpm
openssl096b-0.9.6b-16.src.rpm
i386
openssl-0.9.7a-33.4.i386.rpm
openssl-devel-0.9.7a-33.4.i386.rpm
openssl096b-0.9.6b-16.i386.rpm
i686
openssl-0.9.7a-33.4.i686.rpm
ia64
openssl-0.9.7a-33.4.ia64.rpm
openssl-devel-0.9.7a-33.4.ia64.rpm
openssl096b-0.9.6b-16.ia64.rpm
ppc
openssl-0.9.7a-33.4.ppc.rpm
openssl-devel-0.9.7a-33.4.ppc.rpm
openssl096b-0.9.6b-16.ppc.rpm
ppc64
openssl-0.9.7a-33.4.ppc64.rpm
s390
openssl-0.9.7a-33.4.s390.rpm
openssl-devel-0.9.7a-33.4.s390.rpm
openssl096b-0.9.6b-16.s390.rpm
s390x
openssl-0.9.7a-33.4.s390x.rpm
openssl-devel-0.9.7a-33.4.s390x.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 3)
SRPMS
openssl-0.9.7a-33.4.src.rpm
openssl096b-0.9.6b-16.src.rpm
i386
openssl-0.9.7a-33.4.i386.rpm
openssl-devel-0.9.7a-33.4.i386.rpm
openssl096b-0.9.6b-16.i386.rpm
i686
openssl-0.9.7a-33.4.i686.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 3)
AMD64
openssl-0.9.7a-33.4.x86_64.rpm
openssl-devel-0.9.7a-33.4.x86_64.rpm
openssl096b-0.9.6b-16.x86_64.rpm
SRPMS
openssl-0.9.7a-33.4.src.rpm
openssl096b-0.9.6b-16.src.rpm
i386
openssl-0.9.7a-33.4.i386.rpm
openssl-devel-0.9.7a-33.4.i386.rpm
openssl096b-0.9.6b-16.i386.rpm
i686
openssl-0.9.7a-33.4.i686.rpm
ia64
openssl-0.9.7a-33.4.ia64.rpm
openssl-devel-0.9.7a-33.4.ia64.rpm
openssl096b-0.9.6b-16.ia64.rpm
https://rhn.redhat.com/

Red Hat (openssl 0.96b)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Linux Advanced Workstation 2.1 Itanium
https://rhn.redhat.com/

Mandrake

Mandrake Linux 9.0
x86
ftp://ftp.rediris.es/mirror/mandrake/updates/9.0/RPMS/libopenssl0-0.9.6i-1.7.90mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.0/RPMS/libopenssl0-devel-0.9.6i-1.7.90mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.0/RPMS/libopenssl0-static-devel-0.9.6i-1.7.90mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.0/RPMS/openssl-0.9.6i-1.7.90mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.0/SRPMS/openssl-0.9.6i-1.7.90mdk.src.rpm

Mandrake Linux 9.1
x86
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/RPMS/libopenssl0-0.9.6i-1.3.91mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/RPMS/libopenssl0.9.7-0.9.7a-1.3.91mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/RPMS/libopenssl0.9.7-devel-0.9.7a-1.3.91mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/RPMS/libopenssl0.9.7-static-devel-0.9.7a-1.3.91mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/RPMS/openssl-0.9.7a-1.3.91mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/SRPMS/openssl-0.9.7a-1.3.91mdk.src.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.1/SRPMS/openssl0.9.6-0.9.6i-1.3.91mdk.src.rpm
PPC
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/RPMS/libopenssl0-0.9.6i-1.3.91mdk.ppc.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/RPMS/libopenssl0.9.7-0.9.7a-1.3.91mdk.ppc.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/RPMS/libopenssl0.9.7-devel-0.9.7a-1.3.91mdk.ppc.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/RPMS/libopenssl0.9.7-static-devel-0.9.7a-1.3.91mdk.ppc.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/RPMS/openssl-0.9.7a-1.3.91mdk.ppc.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/SRPMS/openssl-0.9.7a-1.3.91mdk.src.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/ppc/9.1/SRPMS/openssl0.9.6-0.9.6i-1.3.91mdk.src.rpm

Mandrake Linux 9.2
x86
ftp://ftp.rediris.es/mirror/mandrake/updates/9.2/RPMS/libopenssl0.9.7-0.9.7b-4.2.92mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.2/RPMS/libopenssl0.9.7-devel-0.9.7b-4.2.92mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.2/RPMS/libopenssl0.9.7-static-devel-0.9.7b-4.2.92mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.2/RPMS/openssl-0.9.7b-4.2.92mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/9.2/SRPMS/openssl-0.9.7b-4.2.92mdk.src.rpm
AMD64
ftp://ftp.rediris.es/mirror/mandrake/updates/amd64/9.2/RPMS/lib64openssl0.9.7-0.9.7b-4.2.92mdk.amd64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/amd64/9.2/RPMS/lib64openssl0.9.7-devel-0.9.7b-4.2.92mdk.amd64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/amd64/9.2/RPMS/lib64openssl0.9.7-static-devel-0.9.7b-4.2.92mdk.amd64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/amd64/9.2/RPMS/openssl-0.9.7b-4.2.92mdk.amd64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/amd64/9.2/SRPMS/openssl-0.9.7b-4.2.92mdk.src.rpm

Multi Network Firewall 8.2
x86
ftp://ftp.rediris.es/mirror/mandrake/updates/mnf8.2/RPMS/libopenssl0-0.9.6i-1.6.M82mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/mnf8.2/RPMS/openssl-0.9.6i-1.6.M82mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/mnf8.2/SRPMS/openssl-0.9.6i-1.6.M82mdk.src.rpm

Corporate Server 2.1
x86
ftp://ftp.rediris.es/mirror/mandrake/updates/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.7.C21mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.7.C21mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.7.C21mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/corporate/2.1/RPMS/openssl-0.9.6i-1.7.C21mdk.i586.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/corporate/2.1/SRPMS/openssl-0.9.6i-1.7.C21mdk.src.rpm
x86_64
ftp://ftp.rediris.es/mirror/mandrake/updates/x86_64/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.7.C21mdk.x86_64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/x86_64/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.7.C21mdk.x86_64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/x86_64/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.7.C21mdk.x86_64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/x86_64/corporate/2.1/RPMS/openssl-0.9.6i-1.7.C21mdk.x86_64.rpm
ftp://ftp.rediris.es/mirror/mandrake/updates/x86_64/corporate/2.1/SRPMS/openssl-0.9.6i-1.7.C21mdk.src.rpm

SuSe Linux

SuSE-9.0
i386
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-133.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-133.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-133.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-133.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/openssl-0.9.7b-133.src.rpm

SuSE-8.2
i386
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-0.9.6i-21.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-devel-0.9.6i-21.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-0.9.6i-21.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/openssl-devel-0.9.6i-21.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/openssl-0.9.6i-21.src.rpm

SuSE-8.1
i386
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-0.9.6g-114.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-devel-0.9.6g-114.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-0.9.6g-114.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/openssl-devel-0.9.6g-114.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/openssl-0.9.6g-114.src.rpm

SuSE-8.0
i386
ftp://ftp.suse.com/pub/suse/i386/update/8.0/sec1/openssl-0.9.6c-87.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/openssl-devel-0.9.6c-87.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/sec1/openssl-0.9.6c-87.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/openssl-devel-0.9.6c-87.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/openssl-0.9.6c-87.src.rpm

FreeBSD
FreeBSD 4.8, 4.9, 5.1, 5.2
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:05/openssl.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:05/openssl.patch.asc

OpenBSD
OpenBSD 3.3
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/021_openssl.patch
OpenBSD 3.4
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/016_openssl.patch

NetScreen
NetScreen IVE
https://support.neoteris.com
NetScreen IDP - openssl-0.9.6b-35.7.idp.1.i386.rpm
http://www.netscreen.com/cso

CISCO

Cisco IOS 12.2ZA
Fixed version: 12.2(14)ZA8 - No release date has been determined.
Cisco IOS 12.2SY
Fixed version: 12.2(14)SY4 - March 25
Cisco IOS 12.1E
Fixed version: 12.1(13)E14 - April 8
Fixed version: 12.1.(19)E7 - April 8
Fixed version: 12.1(20)E3 - April 26
Fixed version: 12.1(22)E - No release date has been determined.

Cisco PIX Firewall
The vulnerability is fixed in software versions 6.0(4)102, 6.1(5)102, 6.2(3)107 and 6.3(3)124. To obtain the fixed versions, contact the Cisco Technical Assistance Center (TAC).

Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers
The vulnerability is fixed in software version 1.1.3(14), which will be available on March 26, 2004. To obtain the fixed version, contact the Cisco Technical Assistance Center (TAC).

Cisco MDS 9000 Series Multilayer Switches
The vulnerability is fixed in software versions 2.0(0.86) and 1.3(3.33).

Cisco Content Service Switch (CSS) 11000 & 11500 series
The vulnerability is fixed in software versions 6.10.3.04, 7.10.5.07s and 7.20.3.10s, which will be available on April 2, 2004.

Cisco Global Site Selector (GSS) 4480 & 4490
The vulnerability is fixed in software version 1.1.1.1.0, which will be available on April 2, 2004.

Cisco Content Service Switch (CSS) Secure Content Accelerator versions 1 & 2
The vulnerability is fixed in software version 4.2.0.21, which will be available on March 31, 2004.

CiscoWorks Common Services (CWCS) version 2.2 & CiscoWorks Common Management Foundation (CMF) version 2.1
No fixed version or release date has been determined.

Cisco Access Registrar (CAR)
The vulnerability is fixed in software version 3.5.0.12, which will be available on March 26, 2004.

Cisco Call Manager (CCM)
The vulnerability is fixed in software version 4.0(1)ES05, which will be available on March 24, 2004. Software version 4.0(1)sr2, which fixes this vulnerability, will be available in April 2004. No release date has been determined for software version 4.0(2), which fixes this vulnerability.

Cisco Okena Stormwatch 3.2
No fixed version or release date has been determined.

Cisco Application & Content Networking Software (ACNS)
The versions that fix this vulnerability are 5.0.(11)b8 and 5.1(5). These versions will be available on March 31.

Cisco Threat Response (CTR)
The version that fixes this vulnerability is 2.0.3. This version will be available on April 1, 2004.

Check Point

Check Point VPN-1/FireWall-1 NG - Application Intelligence
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R55%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.8&patchlevel_selected=R55%20-%20Hotfixes

Check Point VPN-1/Firewall-1 VSX
VPN-1/FireWall-1 VSX - Application Intelligence
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1%20VSX&version_selected=VSX%20NG%20with%20Application%20Intelligence&os_selected=VSX%20NG%20with%20Application%20Intelligence%20SingleCD&patchlevel_selected=OpenSSL%20Hotfix

Check Point Provider-1 NG - Application Intelligence R55 OpenSSL Hotfix
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20OpenSSL%20Hotfix
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20OpenSSL%20Hotfix
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55%20OpenSSL%20Hotfix

Check Point FireWall-1 GX v2.0 OpenSSL Hotfix
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=IPSO&patchlevel_selected=OpenSSL%20Hotfix
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Linux&patchlevel_selected=OpenSSL%20Hotfix
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=SecurePlatform&patchlevel_selected=OpenSSL%20Hotfix
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Solaris&patchlevel_selected=OpenSSL%20Hotfix

Mac OS X
Mac OS X 10.3.3
http://www.apple.com/support/downloads/securityupdate_2004-04-05_(10_3_3).html

NetBSD
NetBSD 1.5, 1.5.1, 1.5.2, 1.5.3
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc
NetBSD 1.6, 1.6.1, 1.6.2
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc

HP

HP-UX
HP-UX AAA Server - Install revision A.06.01.02.07
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1428AA
hp-ux apache-based web server v.2.03
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

HP WBEM Services A.01.05.09
HP-UX
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B8465BA

HP WBEM Services A.02.00.02
HP-UX
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B8465BA
Linux
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T2347BA

HP-UX B.11.00
hpuxwsAPACHE A.2.0.49.00

HP-UX B.11.11
hpuxwsAPACHE A.2.0.49.00

HP-UX B.11.22
hpuxwsAPACHE B.11.23

HP-UX B.11.11
hpuxwsAPACHE B.2.0.49.00

HP-UX B.11.23
hpuxwsAPACHE B.2.0.49.00

HP-UX B.11.04 Virtualvault A.04.70
PHSS_30639
PHSS_30640
PHSS_30641
PHSS_30642

HP-UX B.11.04 Virtualvault A.04.60
PHSS_30643
PHSS_30644
PHSS_30645
PHSS_30646

HP-UX B.11.04 Virtualvault A.04.50
PHSS_30647
PHSS_30648

HP-UX B.11.04 HP Webproxy A.02.10
PHSS_30649

HP-UX B.11.04 HP Webproxy A.02.00
PHSS_30650

Novell

Novell eDirectory
Netware
Microsoft Windows
Linux
Unix
http://support.novell.com/servlet/filedownload/sec/pub/secupd4.tgz/

Sun

Sun Crypto Accelerator 4000 v1.0
SPARC
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=114796&rev=04

SCO
OpenServer 5.0.6
ftp://ftp.sco.com/pub/openserver5/oss646c/
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10
OpenServer 5.0.7
ftp://ftp.sco.com/pub/openserver5/507/mp/mp3/osr507mp3.txt

SGI
IRIX 6.5.20m - Patch 5535
IRIX 6.5.20f - Patch 5535
IRIX 6.5.21m - Patch 5536
IRIX 6.5.21f - Patch 5536
IRIX 6.5.22m - Patch 5533
IRIX 6.5.23m - Patch 5533
IRIX 6.5.24m - Patch 5533
ftp://patches.sgi.com/support/free/security/patches/
Advanced Linux Environment 3 / RPM / Patch 10242
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
Advanced Linux Environment 3 / SRPM / Patch 10242
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

Standard identifiers

CVE: CAN-2004-0079
CAN-2004-0081
CAN-2004-0112
BID:

Additional resources

OpenSSL
http://www.openssl.org/news/secadv_20040317.txt

Debian Security Advisory
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00062.html

Red Hat Security Advisory RHSA-2004:121-04
https://rhn.redhat.com/errata/RHSA-2004-121.html

Red Hat Security Advisory RHSA-2004:120-11
https://rhn.redhat.com/errata/RHSA-2004-120.html

Red Hat Security Advisory (RHSA-2005:830-4)
https://rhn.redhat.com/errata/RHSA-2005-830.html

Red Hat Security Advisory (RHSA-2005:829-7)
https://rhn.redhat.com/errata/RHSA-2005-829.html

MandrakeSoft Security Advisory MDKSA-2004:023
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:023

SUSE Security Announcement SuSE-SA:2004:007
http://www.suse.de/de/security/2004_07_openssl.html

FreeBSD Security Advisory FreeBSD-SA-04:05
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc

OpenBSD Security Advisory
http://www.openbsd.org/security.html

NetScreen Advisory 58466
http://www.netscreen.com/services/security/alerts/adv58466-signed.txt

Cisco Security Advisory 49898
http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml

Check Point Alert
http://www.checkpoint.com/techsupport/alerts/openssl.html

Sun(sm) Alert Notification 57524
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57524&zone_32=category%3Asecurity

Sun(sm) Alert Notification 57571
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57571&zone_32=category%3Asecurity

Apple Security Updates
http://docs.info.apple.com/article.html?artnum=61798

NetBSD Security Advisory 2004-005
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc

HP SECURITY BULLETIN HPSBUX01011
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01011

HP SECURITY BULLETIN HPSBUX01019
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01019

HP SECURITY BULLETIN HPSBMA01037
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01037

Novell Technical Information Document TID2968981
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm

SCO Security Advisory SCOSA-2004.10
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt

SGI Security Advisory 20041101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20041101-01-P.asc

SGI Security Advisory (20051101-01-U)
ftp://patches.sgi.com/support/free/security/advisories/20051101-01-U.asc

Version history

Version Comment Date
1.0 Advisory issued 2004-03-17
1.1 Advisories issued by Debian, Mandrake, Suse, RedHat, NetScreen and Cisco 2004-03-23
1.2 Cisco advisory updated 2004-03-24
1.3 Advisory issued by Check Point 2004-03-29
1.4 Cisco advisory updated. Advisory issued by Sun. 2004-03-30
1.5 NetScreen advisory updated 2004-04-05
1.6 Apple security update issued 2004-04-08
1.7 Cisco advisory updated 2004-04-13
1.8 Advisory issued by NetBSD 2004-04-22
1.9 Advisories issued by HP (HPSBUX01011 and HPSBUX01019) 2004-04-27
1.10 Advisory issued by HP (HPSBMA01037) 2004-05-06
1.11 Advisory issued by RedHat (RHSA-2004:120-11) 2004-05-21
1.12 Advisory issued by Novell (TID2968981) 2004-05-28
1.13 Advisory issued by Sun (57571) 2004-06-08
1.14 Advisory HPSBUX01019 updated by HP 2004-07-12
1.15 Advisory issued by SCO (SCOSA-2004.10) 2004-07-31
1.16 Advisory issued by SGI (20041101-01-P) 2004-11-03
1.17 Advisory updated by HP (HPSBMA01037) 2005-06-23
1.18 Advisories issued by Red Hat (RHSA-2005:830-4, RHSA-2005:829-7) 2005-11-03
1.19 Advisory issued by SGI (20051101-01-U) 2005-11-29
Ministerio de Defensa
CNI
CCN
CCN-CERT