Oval Definition:oval:org.opensuse.security:def:20087270
Revision Date:2017-09-27Version:1
Title:CVE-2008-7270
Description:

OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic to discover a session identifier, a different vulnerability than CVE-2010-4180.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-7270
Platform(s):SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server for SAP 10 SP3
SUSE Linux Enterprise Software Development Kit 11 SP1
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp3 is installed
  • AND
  • openssl-32bit less than 0.9.8a-18.43.1
  • OR openssl-64bit less than 0.9.8a-18.43.1
  • OR openssl-devel-32bit less than 0.9.8a-18.43.1
  • OR openssl-devel-64bit less than 0.9.8a-18.43.1
  • OR openssl-devel less than 0.9.8a-18.43.1
  • OR openssl-doc less than 0.9.8a-18.43.1
  • OR openssl-x86 less than 0.9.8a-18.43.1
  • OR openssl less than 0.9.8a-18.43.1
  • OR Package Information
  • sles10-sp3-sap is installed
  • AND
  • openssl-32bit less than 0.9.8a-18.43.1
  • OR openssl-devel-32bit less than 0.9.8a-18.43.1
  • OR openssl-devel less than 0.9.8a-18.43.1
  • OR openssl-doc less than 0.9.8a-18.43.1
  • OR openssl less than 0.9.8a-18.43.1
  • OR Package Information
  • sles10-sp3-sdk is installed
  • AND openssl-doc less than 0.9.8a-18.43.1
    • BACK