From: Slava Dubrovskiy <slava@tangramltd.com> To: Sisyphus@lists.altlinux.org Subject: [sisyphus] OpenSSL overflow Date: Mon, 25 May 2009 15:56:31 +0300 Message-ID: <4A1A957F.9080206@tangramltd.com> (raw) [-- Attachment #1: Type: text/plain, Size: 1828 bytes --] Здравствуйте Использую бранч 5.0 Банк требует прохождение сервером теста https://www.hackerguardian.com При тестировании получаю: Security hole found on port/service "https (443/tcp)" Plugin "OpenSSL overflow (generic test)" Category "Gain a shell remotely " Priority "Medium Priority "The remote host seems to be using a version of OpenSSL which is older than 0.9.6e or 0.9.7-beta3 This version is vulnerable to a buffer overflow which, may allow an attacker to obtain a shell on this host. *** Note that since safe checks are enabled, this check *** might be fooled by non-openssl implementations and *** produce a false positive. *** In doubt, re-execute the scan without the safe checks Solution : Upgrade to version 0.9.6e (0.9.7beta3) or newer Risk factor : High CVE: CVE-2002-0656 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0656 CVE-2002-0655 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0655 CVE-2002-0657 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0657 CVE-2002-0659 http://cgi.nessus.org/cve.php3?cve=CVE-2002-0659 CVE-2001-1141 http://cgi.nessus.org/cve.php3?cve=CVE-2001-1141 BID : 3004, 5361, 5362, 5363, 5364, 5366 Other references : IAVA:2002-a-0004, OSVDB:853, OSVDB:857, OSVDB:3940, OSVDB:3941, OSVDB:3942, OSVDB:3943, SuSE:SUSE-SA:2002:033 Естественно что на сервере: # rpm -qa | grep -i ssl libssl7-0.9.8j-alt1 openssl-0.9.8j-alt1 Вопрос: Это ошибка теста, или эта уязвимость действительно существует? Как проверить и доказать что уязвимости нет? -- WBR, Dubrovskiy Vyacheslav [-- Attachment #2: S/MIME Cryptographic Signature --] [-- Type: application/pkcs7-signature, Size: 3262 bytes --]
next reply other threads:[~2009-05-25 12:56 UTC|newest] Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top 2009-05-25 12:56 Slava Dubrovskiy [this message] 2009-05-25 13:02 ` Max Ivanov 2009-05-25 13:30 ` Slava Dubrovskiy 2009-05-25 17:59 ` Slava Dubrovskiy 2009-05-25 13:36 ` Vladimir Lettiev 2009-05-25 14:24 ` Evgeny Sinelnikov 2009-05-25 14:24 ` Evgeny Sinelnikov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=4A1A957F.9080206@tangramltd.com \ --to=slava@tangramltd.com \ --cc=Sisyphus@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Sisyphus discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sisyphus/0 sisyphus/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sisyphus sisyphus/ http://lore.altlinux.org/sisyphus \ sisyphus@altlinux.ru sisyphus@altlinux.org sisyphus@lists.altlinux.org sisyphus@lists.altlinux.ru sisyphus@lists.altlinux.com sisyphus@linuxteam.iplabs.ru sisyphus@list.linux-os.ru public-inbox-index sisyphus Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sisyphus AGPL code for this site: git clone https://public-inbox.org/public-inbox.git