Oval Definition:	oval:org.mitre.oval:def:24741
Revision Date: 2014-08-04 Version: 44 Title: OpenSSL vulnerability in 0.9.8, makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic Description: The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-1923. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-5095 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): OpenSSL Definition Synopsis Check vulnerable OpenSSL Check if the version of OpenSSL 0.9.8 AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check if the version of OpenSSL 0.9.8 (32_bit) AND OpenSSL (32_bit) is installed OR Check if the version of ssleay32.dll 0.9.8 OR Check if the version of ssleay32.dll 0.9.8 (32_bit) OR Check if the version of ssleay32.dll 0.9.8 under System Root
BACK