Slackware Advisory SSA:2005-286-01 OpenSSL Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2005-286-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-286-01

Insight

New OpenSSL packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. Under certain conditions, an attacker acting as a 'man in the middle' may force a client and server to fall back to the less-secure SSL 2.0 protocol. More details about this issue may be found here: http://www.openssl.org/news/secadv_20051011.txt

Severity

Classification

CVE CVE-2005-2969
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Slackware Advisory SSA:2007-066-05 seamonkey
Slackware Advisory SSA:2006-142-02 zoo archiver overflow
Slackware Advisory SSA:2007-066-04 mozilla-thunderbird
Slackware Advisory SSA:2007-164-01 libexif
Slackware Advisory SSA:2003-168-01 2.4.21 kernels available

Take action and discover your vulnerabilities