Andrew
10-01-03, 07:31 PM
OpenSSL ASN.1 Encoding Vulnerability -- ALERT
There is no known impact on Windows Systems.
However, if you are running a web server and have installed or are using OpenSSL, your systems may be vulnerable.
People who are not running a web server do not need to worry about this vulnerability.
Systems Affected:
Apple Mac OS X versions prior to 10.2.8
Red Hat Enterprise Linux
Red Hat Linux 7.1, 7.2, 7.3, 8.0 and 9.0
SSH Communications products
RSA Networks products
Description:
Denial of Service on e-commerce servers and web servers is possible when this vulnerability is exploited. Execution of arbitrary code is possible under some conditions.
Actions:
Administrators are advised to upgrade to the corrected versions of OpenSSL. The updated version can be found at http://www.openssl.org/source/
There is no known impact on Windows Systems.
However, if you are running a web server and have installed or are using OpenSSL, your systems may be vulnerable.
People who are not running a web server do not need to worry about this vulnerability.
Systems Affected:
Apple Mac OS X versions prior to 10.2.8
Red Hat Enterprise Linux
Red Hat Linux 7.1, 7.2, 7.3, 8.0 and 9.0
SSH Communications products
RSA Networks products
Description:
Denial of Service on e-commerce servers and web servers is possible when this vulnerability is exploited. Execution of arbitrary code is possible under some conditions.
Actions:
Administrators are advised to upgrade to the corrected versions of OpenSSL. The updated version can be found at http://www.openssl.org/source/