Oval Definition:oval:com.ubuntu.trusty:def:20105298000
Revision Date:2014-04-14Version:1
Title:CVE-2010-5298 on Ubuntu 14.04 LTS (trusty) - low.
Description:Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-5298
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND Package Information
  • The 'openssl' package in trusty was vulnerable but has been fixed (note: '1.0.1f-1ubuntu2.1').
  • OR NOT While related to the CVE in some way, the 'openssl098' package in trusty is not affected (note: 'code not present').
  • BACK