OpenSSL Multiple Vulnerabilities
Last Update Date:
8 Dec 2017 09:43
Release Date:
8 Dec 2017
3538
Views
RISK: Medium Risk
TYPE: Servers - Web Servers
![TYPE: Web Servers](/f/bulletin_type/100012/37p37/servers-webservers.png)
Multiple vulnerabilities were identified in OpenSSL, which could be exploited by attackers to bypass security restriction and disclose sensitive information on the targeted system.
Impact
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Versions prior to 1.0.2n
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (1.0.2n)
- A fixed version of 1.1.0 for CVE-2017-3738 is not available. The source code fix for that version will be included in the future version 1.1.0h.
Vulnerability Identifier
Source
Related Link
Share with