Sun Patch: N1 Grid Engine 6.0_x86: maintenance patch
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | February 23, 2007 | February 23, 2007 | May 27, 2016 |
Description
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- APPLE-APPLE-SA-2006-11-28
- BID-20246
- BID-20247
- BID-20248
- BID-20249
- BID-22083
- BID-28276
- CERT-TA06-333A
- CERT-VN-247744
- CERT-VN-386964
- CERT-VN-547300
- CVE-2006-2937
- CVE-2006-2940
- CVE-2006-3738
- CVE-2006-4343
- DEBIAN-DSA-1185
- DEBIAN-DSA-1195
- NETBSD-NetBSD-SA2008-007
- OVAL-OVAL10207
- OVAL-OVAL10311
- OVAL-OVAL10560
- OVAL-OVAL4256
- OVAL-OVAL4356
- OVAL-OVAL9370
- REDHAT-RHSA-2006:0695
- REDHAT-RHSA-2008:0629
- SGI-20061001-01-P
- SUNPATCH-124521-05
- SUSE-SUSE-SA:2006:058
- XF-29228
- XF-29230
- XF-29237
- XF-29240
Solution
sunpatch-solaris-124521Related Vulnerabilities
- HP System Management Homepage - HPSBMA02250 (CVE-2006-2937): Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
- OpenSSL SSL_get_shared_ciphers() buffer overflow (CVE-2006-3738)
- Gentoo Linux: CVE-2007-5269: VMware Player, Server, Workstation: Multiple vulnerabilities
- Sun Patch: SunOS 5.4: /dev/qec should protect against being opened directly
- OS X security update 2006-007 for OpenSSL (CVE-2006-4339)
- Gentoo Linux: CVE-2006-2937: OpenSSL: Multiple vulnerabilities
- VMware Workstation: Updated OpenSSL library to address various security vulnerabilities (VMSA-2008-0005) (CVE-2006-4339)
- HP System Management Homepage - HPSBMA02250 (CVE-2006-4339): Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
- Oracle Linux: CVE-2006-2940: ELSA-2016-3558 - openssl security update
- ELSA-2009-0004 Important: Enterprise Linux openssl security update
- OS X security update 2006-007 for OpenSSL (CVE-2006-3738)
- RHSA-2007:0992: libpng security update
- VMware Player: Updated OpenSSL library to address various security vulnerabilities (VMSA-2008-0005) (CVE-2006-2937)
- VMware Player: DHCP denial of service vulnerability (VMSA-2008-0005) (CVE-2008-1364)
- VMware Player: Windows 2000 based hosted products privilege escalation vulnerability (VMSA-2008-0005) (CVE-2007-5618)
- VMware Player: Local Privilege Escalation on Windows based platforms by Hijacking VMware VMX configuration file (VMSA-2008-0005) (CVE-2008-1363)
- RHSA-2008:0629: Red Hat Network Satellite Server Solaris client security update
- VMware Player: Insecure named pipes (VMSA-2008-0005) (CVE-2008-1362)
- VMware Workstation: Insecure named pipes (VMSA-2008-0005) (CVE-2008-1362)
- FreeBSD: openoffice.org -- multiple vulnerabilities (Multiple CVEs)
- Sun Patch: SunOS 5.9: Kernel Patch
- SUSE-SA:2006:055: openssl,mozilla-nss RSA signature evasion
- Sun Patch: SunOS 5.10_x86: kernel patch
- F5 Networks: K6623 (CVE-2006-4339): OpenSSL signature vulnerability - CVE-2006-4339
- Sun Patch: StarOffice 8 (Solaris): Update 18
- FreeBSD: openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3) (FreeBSD-SA-06:19.openssl) (CVE-2006-4339)
- OS X security update 2006-007 for OpenSSL (CVE-2006-2940)
- Apache HTTPD: Requests can cause directory listing to be displayed (CVE-2001-0729)
- Sun Patch: StarSuite 8 (Solaris): Update 18
- Sun Patch: StarSuite 8 (Solaris_x86): Update 18
- OS X security update 2008-002 for X11 (CVE-2007-5269)
- SUSE-SA:2006:061: opera
- SUSE Linux Security Vulnerability: CVE-2006-4343
- RHSA-2008:0525: Red Hat Network Satellite Server Solaris client security update
- Sun Patch: GNOME 2.0.0_x86: libpng Patch
- VMware Player: Virtual Machine Communication Interface (VMCI) memory corruption resulting in denial of service (VMSA-2008-0005) (CVE-2008-1340)
- HP System Management Homepage - HPSBMA02250 (CVE-2006-2940): Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
- FreeBSD: png -- multiple vulnerabilities (Multiple CVEs)
- Oracle Linux: CVE-2006-3738: ELSA-2016-3558 - openssl security update
- Sun Patch: GNOME 2.0.2: 64bit libpng Patch
- Sun Patch: SunOS 5.9_x86: bootconfchk patch
- Oracle Linux: CVE-2006-4343: ELSA-2016-3558 - openssl security update
- Gentoo Linux: CVE-2008-1392: VMware Player, Server, Workstation: Multiple vulnerabilities
- RHSA-2006:0661: openssl security update
- VMware Workstation: Local Privilege Escalation on Windows based platforms by Hijacking VMware VMX configuration file (VMSA-2008-0005) (CVE-2008-1363)
- VMware Workstation: DHCP denial of service vulnerability (VMSA-2008-0005) (CVE-2008-1364)
- Apple Java security update for CVE-2006-4339
- OS X security update 2006-007 for OpenSSL (CVE-2006-2937)
- SUSE Linux Security Advisory: SUSE-SR:2006:026
- ELSA-2007-0992 Moderate: Enterprise Linux libpng security update
- OS X update for ImageIO (CVE-2007-5269)
- F5 Networks: K6734 (CVE-2006-2940): Local OpenSSL vulnerabilities VU#547300 and VU#386964, CAN-2006-3738, CAN-2006-2940, CAN-2006-2937, CAN-2006-4343
- FileZilla Server/OpenSSL Multiple Vulnerabilities
- Gentoo Linux: CVE-2006-4339: OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
- Sun Patch: Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- VMware Player: Updated OpenSSL library to address various security vulnerabilities (VMSA-2008-0005) (CVE-2006-2940)
- FreeBSD: opera -- RSA Signature Forgery (CVE-2006-4339)
- Sun Patch: N1 Grid Engine 6.0: maintenance patch
- Sun Patch: SunOS 5.4: usr/bin/ps and usr/ucb/ps patch
- CESA-2007:0072: IBMJava2 security update
- VMware Workstation: Updated OpenSSL library to address various security vulnerabilities (VMSA-2008-0005) (CVE-2006-2940)
- Sun Patch: Security 3.3.4.8: NSPR 4.1.6 / NSS 3.3.4.8
- Sun Patch: SunOS 5.10: kernel patch
- Sun Patch: SunOS 5.10_x86: libpng Patch
- RHSA-2007:0062: java-1.4.2-ibm security update
- HP System Management Homepage - HPSBMA02250 (CVE-2006-3738): Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
- Gentoo Linux: CVE-2008-1361: VMware Player, Server, Workstation: Multiple vulnerabilities
- VMware Workstation: Updated libpng library to version 1.2.22 to address various security vulnerabilities (VMSA-2008-0005) (CVE-2007-5269)
- Oracle DBMS_CAPTURE_ADM_INTERNAL Buffer Overflow
- HP System Management Homepage - HPSBMA02250 (CVE-2006-4343): Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
- Sun Patch: SunOS 5.9: bootconfchk patch
- Sun Patch: NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2
- SUSE-SR:2006:024:vuln2: openssl: remote denial of service
- SUSE-SA:2006:058: openssl security problems
- Sun Patch: GNOME 2.0.2_x86: libpng Patch
- Sun Patch: SunOS 5.9: pkg utilities Patch
- RHSA-2007:0072: IBMJava2 security update
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- VMware Workstation: Windows 2000 based hosted products privilege escalation vulnerability (VMSA-2008-0005) (CVE-2007-5618)
- VMware Player: Updated OpenSSL library to address various security vulnerabilities (VMSA-2008-0005) (CVE-2006-4343)
- F5 Networks: K6734 (CVE-2006-3738): Local OpenSSL vulnerabilities VU#547300 and VU#386964, CAN-2006-3738, CAN-2006-2940, CAN-2006-2937, CAN-2006-4343
- Sun Patch: SunOS 5.9_x86: pkg utilities Patch
- MFSA2006-60 Firefox: RSA Signature Forgery (CVE-2006-4339)
- SUSE Linux Security Vulnerability: CVE-2006-4339
- RHSA-2007:0073: java-1.5.0-ibm security update
- OpenSSL get_server_hello() null pointer dereference denial of service (CVE-2006-4343)
- Oracle Linux: CVE-2006-2937: ELSA-2016-3558 - openssl security update
- VMware Player: Host to guest shared folder (HGFS) traversal vulnerability (VMSA-2008-0005) (CVE-2008-0923)
- VMware Fusion: DHCP denial of service vulnerability (VMSA-2008-0005) (CVE-2008-1364)
- SUSE Linux Security Vulnerability: CVE-2006-3738
- Gentoo Linux: CVE-2008-1363: VMware Player, Server, Workstation: Multiple vulnerabilities
- Sun Patch: SunOS 5.9_x86: wanboot and pkg utilities Patch
- CESA-2007:0992: libpng security update
- Missing Oracle Critical Patch Update (CPU) for January 2007
- Sun Patch: SunOS 5.10: libpng Patch
- USN-730-1: libpng vulnerabilities
- Sun Patch: SunOS 5.4_x86: /usr/lib/nfs/mountd patch
- Gentoo Linux: CVE-2008-1362: VMware Player, Server, Workstation: Multiple vulnerabilities
- Sun Patch: SunOS 5.10: kernel patch