vulnerability
Ubuntu: (Multiple Advisories) (CVE-2015-7575): OpenSSL vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jan 8, 2016 | Feb 2, 2016 | Apr 14, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jan 8, 2016
Added
Feb 2, 2016
Modified
Apr 14, 2025
Description
Karthikeyan Bhargavan and Gaetan Leurent discovered that OpenSSL
incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote
attacker were able to perform a machine-in-the-middle attack, this flaw could
be exploited to view sensitive information.
Solution(s)
ubuntu-upgrade-firefoxubuntu-upgrade-icedtea-7-jre-jamvmubuntu-upgrade-libgnutls-deb0-28ubuntu-upgrade-libgnutls-openssl27ubuntu-upgrade-libgnutls26ubuntu-upgrade-libgnutlsxx27ubuntu-upgrade-libgnutlsxx28ubuntu-upgrade-libnss3ubuntu-upgrade-libssl1-0-0ubuntu-upgrade-openjdk-7-jreubuntu-upgrade-openjdk-7-jre-headlessubuntu-upgrade-openjdk-7-jre-libubuntu-upgrade-openjdk-7-jre-zeroubuntu-upgrade-thunderbird
References
- CVE-2015-7575
- https://attackerkb.com/topics/CVE-2015-7575
- DEBIAN-DLA-410-1
- DEBIAN-DSA-3436
- DEBIAN-DSA-3437
- DEBIAN-DSA-3457
- DEBIAN-DSA-3458
- DEBIAN-DSA-3465
- DEBIAN-DSA-3491
- DEBIAN-DSA-3688
- NVD-CVE-2015-7575
- UBUNTU-USN-2863-1
- UBUNTU-USN-2864-1
- UBUNTU-USN-2865-1
- UBUNTU-USN-2866-1
- UBUNTU-USN-2880-1
- UBUNTU-USN-2884-1
- UBUNTU-USN-2902-1
- UBUNTU-USN-2904-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.