- Home
- CVEs with nessus.description==The remote OracleVM system is missing necessary patches to address
critical security updates :
- CVE-2016-0799 - Fix memory issues in BIO_*printf
functions
- CVE-2016-2105 - Avoid overflow in EVP_EncodeUpdate
- CVE-2016-2106 - Fix encrypt overflow
- CVE-2016-2109 - Harden ASN.1 BIO handling of large
amounts of data.
- To disable SSLv2 client connections create the file
/etc/sysconfig/openssl-ssl-client-kill-sslv2 (John
Haxby) [orabug 21673934]
- Backport openssl 08-Jan-2015 security fixes (John Haxby)
[orabug 20409893]
- fix CVE-2014-3570 - Bignum squaring may produce
incorrect results
- fix CVE-2014-3571 - DTLS segmentation fault in
dtls1_get_record
- fix CVE-2014-3572 - ECDHE silently downgrades to ECDH
[Client]
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top