OpenSSL Multiple Vulnerabilities (20150108 - 2) - Linux

OpenSSL is prone to multiple vulnerabilities.

The following flaws exist: - CVE-2015-0206: A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. - CVE-2015-0205: An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.

OpenSSL version 1.0.0 through 1.0.0o and 1.0.1 through 1.0.1j.

Checks if a vulnerable version is present on the target host.

Update to version 1.0.0p, 1.0.1k or later.