Oval Definition:	oval:com.ubuntu.precise:def:20115095000
Revision Date: 2012-06-20 Version: 1 Title: CVE-2011-5095 on Ubuntu 12.04 LTS (precise) - negligible. Description: The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-1923. Family: unix Class: vulnerability Status: Reference(s): CVE-2011-5095 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'openssl' package in precise is not affected. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'code not compiled').
BACK