Vulnwatch mailing list archives
[CIRT.DK - Advisory] Novell iManager 2.0.2 ASN.1 Parsing vulnerability in Apache module
From: "CIRT.DK Mailinglists" <mailinglists () cirt dk>
Date: Sun, 12 Jun 2005 23:57:21 +0200
ID: NOVL102200 Domain: primus Solution Class: Novell Fact: Novell iManager 2.02 Fact: Apache 2.0.48 Fact: OpenSSL 0.9.7 Symptom: OpenSSL ASN.1 Parsing vulnerability in Apache Symptom: Server stops responding and an error occurs Cause: Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. These issues could be exploited to cause a denial of service or to execute arbitrary code. Fix: These vulnerabilites are corrected in OpenSSL 0.9.7d. iManager 2.5 ships with OpenSSL 0.9.7d - to resolve the vulnerability upgrading is suggested. Read the full advisory at http://www.cirt.dk
Current thread:
- [CIRT.DK - Advisory] Novell iManager 2.0.2 ASN.1 Parsing vulnerability in Apache module CIRT.DK Mailinglists (Jun 13)