View Full Version : OpenSSL ASN.1 Encoding Vulnerability -- ALERT


Andrew
10-01-03, 07:31 PM
OpenSSL ASN.1 Encoding Vulnerability -- ALERT

There is no known impact on Windows Systems.

However, if you are running a web server and have installed or are using OpenSSL, your systems may be vulnerable.

People who are not running a web server do not need to worry about this vulnerability.

Systems Affected:

Apple Mac OS X versions prior to 10.2.8
Red Hat Enterprise Linux
Red Hat Linux 7.1, 7.2, 7.3, 8.0 and 9.0
SSH Communications products
RSA Networks products

Description:
Denial of Service on e-commerce servers and web servers is possible when this vulnerability is exploited. Execution of arbitrary code is possible under some conditions.

Actions:
Administrators are advised to upgrade to the corrected versions of OpenSSL. The updated version can be found at http://www.openssl.org/source/