Oval Definition:	oval:org.mitre.oval:tst:38150
Comment: openssl096b is earlier than 0:0.9.6b-16.49 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:14258 State: oval:org.mitre.oval:ste:10633 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:9155 V OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. 2013-04-29
BACK