Debian update for OpenSSL - Secunia Advisories - Vulnerability Intelligence

Debian update for OpenSSL
Secunia Advisory:	SA8613	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2003-04-17
Popularity:	6,628 views

Critical:	Less critical
Impact:	Exposure of sensitive information
Where:	From remote
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 2.x Debian GNU/Linux 3.0 Debian GNU/Linux unstable alias sid

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2003-0131 CVE-2003-0147

Description: Debian has issued updated packages for openssl. These fix two information disclosure vulnerabilities, which can be exploited by malicious people to gain knowledge of the pre-master secret or server's private key. For more information: http://secunia.com/advisories/8360/ http://secunia.com/advisories/8330/ Solution: Updated packages: -- Debian GNU/Linux 2.2 alias potato -- Source archives: http://security.debian.org/pool/updat...openssl/openssl_0.9.6c-0.potato.6.dsc Size/MD5 checksum: 634 10591fc4770bca4a1f9ea379776d6984 http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-0.potato.6.diff.gz Size/MD5 checksum: 43587 0fe901b034e33fa6438f2eaa8ff944e8 http://security.debian.org/pool/updat.../o/openssl/openssl_0.9.6c.orig.tar.gz Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc Architecture independent components: http://security.debian.org/pool/updat...nssl/ssleay_0.9.6c-0.potato.6_all.deb Size/MD5 checksum: 974 bec952e2a37b656b0a119d34b49e5b76 Alpha architecture: http://security.debian.org/pool/updat...ibssl-dev_0.9.6c-0.potato.6_alpha.deb Size/MD5 checksum: 1550896 18a0220e4fe8a40d284949fb152793d2 http://security.debian.org/pool/updat...bssl0.9.6_0.9.6c-0.potato.6_alpha.deb Size/MD5 checksum: 591474 c7372983cf09686d71419432f441d975 http://security.debian.org/pool/updat...l/openssl_0.9.6c-0.potato.6_alpha.deb Size/MD5 checksum: 746872 dd4f597dd5bbd758cb1ba62d7dc9f859 ARM architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-0.potato.6_arm.deb Size/MD5 checksum: 1349872 91e13598de08a3644db2922a30a679ac http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-0.potato.6_arm.deb Size/MD5 checksum: 470164 6fa5ef903dd2a8a0b29cd71f406fdc6f http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-0.potato.6_arm.deb Size/MD5 checksum: 730160 1b35d2d5bbb68459fa63c5a7f2d6c10d Intel IA-32 architecture: http://security.debian.org/pool/updat...libssl-dev_0.9.6c-0.potato.6_i386.deb Size/MD5 checksum: 1288032 3850ab8283aca40c94ca9a00647d6310 http://security.debian.org/pool/updat...ibssl0.9.6_0.9.6c-0.potato.6_i386.deb Size/MD5 checksum: 464042 3a55b08aa1d4cf668ccb1293db131cb4 http://security.debian.org/pool/updat...sl/openssl_0.9.6c-0.potato.6_i386.deb Size/MD5 checksum: 724766 1d1a726fce6def52ceed5481dfbcfd16 Motorola 680x0 architecture: http://security.debian.org/pool/updat...libssl-dev_0.9.6c-0.potato.6_m68k.deb Size/MD5 checksum: 1263766 978b891779cee8ec309333256f7c9359 http://security.debian.org/pool/updat...ibssl0.9.6_0.9.6c-0.potato.6_m68k.deb Size/MD5 checksum: 452710 7ad96d59e082d4eaa7d2f80c65a26eb0 http://security.debian.org/pool/updat...sl/openssl_0.9.6c-0.potato.6_m68k.deb Size/MD5 checksum: 721640 f05db1fde1a6487f192c79e695afc498 PowerPC architecture: http://security.debian.org/pool/updat...ssl-dev_0.9.6c-0.potato.6_powerpc.deb Size/MD5 checksum: 1385386 c6b4d0b82af7e7da562e89836add31cd http://security.debian.org/pool/updat...sl0.9.6_0.9.6c-0.potato.6_powerpc.deb Size/MD5 checksum: 504304 f3f74025eb51a78191717d00ca2ed9bc http://security.debian.org/pool/updat...openssl_0.9.6c-0.potato.6_powerpc.deb Size/MD5 checksum: 727426 a166aa6d87cde7df75c62d92eb185b74 Sun Sparc architecture: http://security.debian.org/pool/updat...ibssl-dev_0.9.6c-0.potato.6_sparc.deb Size/MD5 checksum: 1343526 4918ae13675c2ac1f33324fa499e545b http://security.debian.org/pool/updat...bssl0.9.6_0.9.6c-0.potato.6_sparc.deb Size/MD5 checksum: 484244 923e7e5aa94449f5a659b43bc1332b36 http://security.debian.org/pool/updat...l/openssl_0.9.6c-0.potato.6_sparc.deb Size/MD5 checksum: 738452 4b94d3325744a8275922af9ff0c9977c -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updat.../openssl/openssl_0.9.6c-2.woody.3.dsc Size/MD5 checksum: 632 c319c5b91489189a4cd08e2d5ad9db24 http://security.debian.org/pool/updat...nssl/openssl_0.9.6c-2.woody.3.diff.gz Size/MD5 checksum: 44230 523138ce8166309cff8708422c45f25d http://security.debian.org/pool/updat.../o/openssl/openssl_0.9.6c.orig.tar.gz Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc Architecture independent components: http://security.debian.org/pool/updat...enssl/ssleay_0.9.6c-2.woody.3_all.deb Size/MD5 checksum: 974 7dec86ca4a69dc9f31b301e73b7caaf8 Alpha architecture: http://security.debian.org/pool/updat...libssl-dev_0.9.6c-2.woody.3_alpha.deb Size/MD5 checksum: 1551332 9f26f7d9e8de5d10970d71380a1c4ac3 http://security.debian.org/pool/updat...ibssl0.9.6_0.9.6c-2.woody.3_alpha.deb Size/MD5 checksum: 571108 8f0ce22ecbe4258afe9da1854913236a http://security.debian.org/pool/updat...sl/openssl_0.9.6c-2.woody.3_alpha.deb Size/MD5 checksum: 736170 5f480e031750c0d342bfe39f85f5aca7 ARM architecture: http://security.debian.org/pool/updat...l/libssl-dev_0.9.6c-2.woody.3_arm.deb Size/MD5 checksum: 1357932 7d54731ce61c36fea971ac7b470f455e http://security.debian.org/pool/updat.../libssl0.9.6_0.9.6c-2.woody.3_arm.deb Size/MD5 checksum: 473936 84b8cf64bb93d762c46301a9ebb5bda1 http://security.debian.org/pool/updat...nssl/openssl_0.9.6c-2.woody.3_arm.deb Size/MD5 checksum: 729648 14eb0ca3b7b1ed398429cb32973fa5d3 Intel IA-32 architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-2.woody.3_i386.deb Size/MD5 checksum: 1290214 0e2f917c1e6a5ddb0ce86ba5ab7db78d http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-2.woody.3_i386.deb Size/MD5 checksum: 461564 48537d32b42d35ef1d716a10be1ae3b4 http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-2.woody.3_i386.deb Size/MD5 checksum: 722960 89f47586c8c141050bae0a53dfb5fc6d Intel IA-64 architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-2.woody.3_ia64.deb Size/MD5 checksum: 1615338 70bf2b0a8e890ae272266a5009d9e348 http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-2.woody.3_ia64.deb Size/MD5 checksum: 710900 9d150d59bff981cdb3243c4f5351714d http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-2.woody.3_ia64.deb Size/MD5 checksum: 763438 b7029961edc6506e3721e5963a1a4e00 HP Precision architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-2.woody.3_hppa.deb Size/MD5 checksum: 1434914 f8986d3f878776b79f2bbe0b03267bc2 http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-2.woody.3_hppa.deb Size/MD5 checksum: 564778 fae0d532efb2e022bfe56a4823b98b0c http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-2.woody.3_hppa.deb Size/MD5 checksum: 741772 b3a93bc9f7003e1d691904f7ee795183 Motorola 680x0 architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-2.woody.3_m68k.deb Size/MD5 checksum: 1266522 0a456cebb2b98edb7f83258a7dda52a3 http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-2.woody.3_m68k.deb Size/MD5 checksum: 450532 7331cb9cfff14f8c676d566a2ea99da1 http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-2.woody.3_m68k.deb Size/MD5 checksum: 720300 12f5e2cd2e9bc7e6754e8c5b2bb9a98a Big endian MIPS architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-2.woody.3_mips.deb Size/MD5 checksum: 1416102 9e76c0e93e6a56aee5eb7c236cc2800c http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-2.woody.3_mips.deb Size/MD5 checksum: 483556 39302c76273cd278f5ff3bddd79ac002 http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-2.woody.3_mips.deb Size/MD5 checksum: 717674 c0102138e017690bd2e2bacbbb7923e1 Little endian MIPS architecture: http://security.debian.org/pool/updat...ibssl-dev_0.9.6c-2.woody.3_mipsel.deb Size/MD5 checksum: 1410154 2d8f191b102de75965d8027f9b9e59c3 http://security.debian.org/pool/updat...bssl0.9.6_0.9.6c-2.woody.3_mipsel.deb Size/MD5 checksum: 476594 e57c083d10e9480f4918b926c045277f http://security.debian.org/pool/updat...l/openssl_0.9.6c-2.woody.3_mipsel.deb Size/MD5 checksum: 716996 73e406755be34bcd4ab4375e32fe31b0 PowerPC architecture: http://security.debian.org/pool/updat...bssl-dev_0.9.6c-2.woody.3_powerpc.deb Size/MD5 checksum: 1386698 8b296b0c0c73592d9bc712cbc1623371 http://security.debian.org/pool/updat...ssl0.9.6_0.9.6c-2.woody.3_powerpc.deb Size/MD5 checksum: 502292 d2b5ab4e74589b60b3431ccf9878698c http://security.debian.org/pool/updat.../openssl_0.9.6c-2.woody.3_powerpc.deb Size/MD5 checksum: 726550 894d497326cff93c1ea2598874dd3cf6 IBM S/390 architecture: http://security.debian.org/pool/updat.../libssl-dev_0.9.6c-2.woody.3_s390.deb Size/MD5 checksum: 1326332 e2bd80e76e1143879ea3108bcbfd8dbf http://security.debian.org/pool/updat...libssl0.9.6_0.9.6c-2.woody.3_s390.deb Size/MD5 checksum: 510344 3995f9758870aef5910e2a6c2f9131f7 http://security.debian.org/pool/updat...ssl/openssl_0.9.6c-2.woody.3_s390.deb Size/MD5 checksum: 731512 f3f492d0fba0f3705b25bd338898194b Sun Sparc architecture: http://security.debian.org/pool/updat...libssl-dev_0.9.6c-2.woody.3_sparc.deb Size/MD5 checksum: 1344130 f4170862c53fa45168eeb37472b8f156 http://security.debian.org/pool/updat...ibssl0.9.6_0.9.6c-2.woody.3_sparc.deb Size/MD5 checksum: 484622 6e7c3a1af508ac8108bbc000aab920aa http://security.debian.org/pool/updat...sl/openssl_0.9.6c-2.woody.3_sparc.deb Size/MD5 checksum: 737048 92a5777b5fc869bc6af8632b3e0f6b82 -- Debian GNU/Linux unstable alias sid -- Fixed in OpenSSL version 0.9.7b-1 and OpenSSL096 version 0.9.6j-1. Original Advisory: http://www.debian.org/security/2003/dsa-288

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

Today

New advisories:	20
New vulnerabilities:	81
Updated advisories:	34

Less // 109 views

Novell Netware ApacheAdmin Console Security Bypass

Moderately // 103 views

Webboard Street SQL Injection and Information Disclosure

Moderately // 128 views

Null FTP Server "SITE" Parameters Command Injection Vulnerability

Moderately // 110 views

User Engine Lite ASP Database Disclosure

Moderately // 120 views

Merlix Template Creature "mcatid" SQL Injection Vulnerability

Highly // 145 views

CcTiddly Multiple File Inclusion Vulnerabilities

Not // 217 views

Tor Two Weaknesses

Moderately // 164 views

Tribiq CMS "cID" SQL Injection Vulnerability

Highly // 165 views

Gravity GTD File Inclusion and PHP Code Injection

Highly // 281 views

Trillian Multiple Vulnerabilities

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.