OVAL Reference oval:org.mitre.oval:def:21864

Oval Definition:

oval:org.mitre.oval:def:21864

Revision Date:	2015-04-20	Version:	25
Title:	HP-UX Running OpenSSL, Remote Unauthorized Access
Description:	OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2008-5077
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis
Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.11 AND filesets tests fips_1_1_2.FIPS-CONF version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-DOC version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-INC version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-LIB version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-MAN version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-MIS version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-RUN version is less than FIPS-OPENSSL-1.1.2.046 OR fips_1_1_2.FIPS-SRC version is less than FIPS-OPENSSL-1.1.2.046 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.11 AND filesets tests fips_1_2.FIPS-CONF version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-DOC version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-INC version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-LIB version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-MAN version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-MIS version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-RUN version is less than FIPS-OPENSSL-1.2.001 OR fips_1_2.FIPS-SRC version is less than FIPS-OPENSSL-1.2.001 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.11 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.07m.046 OR openssl.OPENSSL-CONF version is less than A.00.09.07m.046 OR openssl.OPENSSL-DOC version is less than A.00.09.07m.046 OR openssl.OPENSSL-INC version is less than A.00.09.07m.046 OR openssl.OPENSSL-LIB version is less than A.00.09.07m.046 OR openssl.OPENSSL-MAN version is less than A.00.09.07m.046 OR openssl.OPENSSL-MIS version is less than A.00.09.07m.046 OR openssl.OPENSSL-PRNG version is less than A.00.09.07m.046 OR openssl.OPENSSL-PVT version is less than A.00.09.07m.046 OR openssl.OPENSSL-RUN version is less than A.00.09.07m.046 OR openssl.OPENSSL-SRC version is less than A.00.09.07m.046 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.23 AND filesets tests URL: version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-CONF version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-DOC version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-INC version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-LIB version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-MAN version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-MIS version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-RUN version is less than FIPS-OPENSSL-1.1.2.047 OR fips_1_1_2.FIPS-SRC version is less than FIPS-OPENSSL-1.1.2.047 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.23 AND filesets tests fips_1_2.FIPS-CONF version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-DOC version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-INC version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-LIB version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-MAN version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-MIS version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-RUN version is less than FIPS-OPENSSL-1.2.002 OR fips_1_2.FIPS-SRC version is less than FIPS-OPENSSL-1.2.002 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.23 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.07m.047 OR openssl.OPENSSL-CONF version is less than A.00.09.07m.047 OR openssl.OPENSSL-DOC version is less than A.00.09.07m.047 OR openssl.OPENSSL-INC version is less than A.00.09.07m.047 OR openssl.OPENSSL-LIB version is less than A.00.09.07m.047 OR openssl.OPENSSL-MAN version is less than A.00.09.07m.047 OR openssl.OPENSSL-MIS version is less than A.00.09.07m.047 OR openssl.OPENSSL-PRNG version is less than A.00.09.07m.047 OR openssl.OPENSSL-PVT version is less than A.00.09.07m.047 OR openssl.OPENSSL-RUN version is less than A.00.09.07m.047 OR openssl.OPENSSL-SRC version is less than A.00.09.07m.047 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.31 AND filesets tests URL: version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-CONF version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-DOC version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-INC version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-LIB version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-MAN version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-MIS version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-RUN version is less than FIPS-OPENSSL-1.1.2.048 OR fips_1_1_2.FIPS-SRC version is less than FIPS-OPENSSL-1.1.2.048 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.31 AND filesets tests fips_1_2.FIPS-CONF version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-DOC version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-INC version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-LIB version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-MAN version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-MIS version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-RUN version is less than FIPS-OPENSSL-1.2.003 OR fips_1_2.FIPS-SRC version is less than FIPS-OPENSSL-1.2.003 OR Criteria meets HP Security Bulletin HPSBUX02418 HP-UX B.11.31 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08j.003 OR openssl.OPENSSL-CONF version is less than A.00.09.08j.003 OR openssl.OPENSSL-DOC version is less than A.00.09.08j.003 OR openssl.OPENSSL-INC version is less than A.00.09.08j.003 OR openssl.OPENSSL-LIB version is less than A.00.09.08j.003 OR openssl.OPENSSL-MAN version is less than A.00.09.08j.003 OR openssl.OPENSSL-MIS version is less than A.00.09.08j.003 OR openssl.OPENSSL-PRNG version is less than A.00.09.08j.003 OR openssl.OPENSSL-PVT version is less than A.00.09.08j.003 OR openssl.OPENSSL-RUN version is less than A.00.09.08j.003 OR openssl.OPENSSL-SRC version is less than A.00.09.08j.003

BACK