Oval Definition:oval:org.opensuse.security:def:20153455
Revision Date:2022-05-20Version:1
Title:CVE-2015-3455
Description:

Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-3455
Mitre CVE-2015-3455
SUSE CVE-2015-3455
openSUSE-SU-2015:1546-1
openSUSE-SU-2015:1546-1
openSUSE-SU-2016:2081-1
openSUSE-SU-2016:2081-1
SUSE-SU-2016:2008-1
SUSE-SU-2016:2008-1
Platform(s):openSUSE 13.1
openSUSE 13.2
openSUSE Leap 42.1
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND squid-3.3.13-2.17.1 is installed
    • Definition Synopsis
  • openSUSE 13.2 is installed
  • AND squid-3.4.4-3.7.1 is installed
    • Definition Synopsis
  • openSUSE Leap 42.1 is installed
  • AND Package Information
  • squid-3.3.14-6.1 is installed
  • AND squid is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND squid-3.3.14-20 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed
  • AND squid-3.3.14-20.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND squid is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • squid is not affected
  • OR squid3 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • squid is not affected
  • OR squid3 is not affected
    • BACK