info
discussion
exploit
solution
references
OpenSSL PRNG Internal State Disclosure Vulnerability
Solution:
Vendor-supplied patches that rectify this issue are available:
OpenSSL Project OpenSSL 0.9.5
Conectiva 4.1 i386 openssl-0.9.5a-2U41_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/openssl-0.9.5a-2U41_1cl.i 386.rpm
Conectiva 4.1 i386 openssl-devel-0.9.5a-2U41_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/openssl-devel-0.9.5a-2U41 _1cl.i386.rpm
Conectiva 4.2 i386 openssl-0.9.5a-2U42_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/openssl-0.9.5a-2U42_1cl.i 386.rpm
Conectiva 4.2 i386 openssl-devel-0.9.5a-2U42_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/openssl-devel-0.9.5a-2U42 _1cl.i386.rpm
Conectiva 5.0 i386 openssl-0.9.5a-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssl-0.9.5a-2U50_1cl.i 386.rpm
Conectiva 5.0 i386 openssl-devel-0.9.5a-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssl-devel-0.9.5a-2U50 _1cl.i386.rpm
Conectiva 5.1 i386 openssl-0.9.5a-2U51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssl-0.9.5a-2U51_1cl.i 386.rpm
Conectiva 5.1 i386 openssl-devel-0.9.5a-2U51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssl-devel-0.9.5a-2U51 _1cl.i386.rpm
Conectiva ecommerce i386 openssl-0.9.5a-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssl -0.9.5a-2U50_1cl.i386.rpm
Conectiva ecommerce i386 openssl-devel-0.9.5a-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssl -devel-0.9.5a-2U50_1cl.i386.rpm
Conectiva graficas i386 openssl-0.9.5a-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssl- 0.9.5a-2U50_1cl.i386.rpm
Conectiva graficas i386 openssl-devel-0.9.5a-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssl- devel-0.9.5a-2U50_1cl.i386.rpm
OpenSSL Project OpenSSL 0.9.6 a
Conectiva 6.0 i386 openssl-0.9.6-4U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssl-0.9.6-4U60_1cl.i3 86.rpm
Conectiva 7.0 i386 openssl-0.9.6a-3U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-0.9.6a-3U70_1cl.i 386.rpm
Conectiva 7.0 i386 openssl-devel-0.9.6a-3U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-devel-0.9.6a-3U70 _1cl.i386.rpm
Conectiva 7.0 i386 openssl-devel-static-0.9.6a-3U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-devel-static-0.9. 6a-3U70_1cl.i386.rpm
Conectiva 7.0 i386 openssl-doc-0.9.6a-3U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssl-doc-0.9.6a-3U70_1 cl.i386.rpm
EnGarde Secure Linux 1.0.1 i386 openssl-0.9.6-1.0.14.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/openssl-0.9 .6-1.0.14.i386.rpm
EnGarde Secure Linux 1.0.1 i386 openssl-devel-0.9.6-1.0.14.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/openssl-dev el-0.9.6-1.0.14.i386.rpm
EnGarde Secure Linux 1.0.1 i386 openssl-misc-0.9.6-1.0.14.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/openssl-mis c-0.9.6-1.0.14.i386.rpm
EnGarde Secure Linux 1.0.1 i686 openssl-0.9.6-1.0.14.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/openssl-0.9 .6-1.0.14.i686.rpm
EnGarde Secure Linux 1.0.1 i686 openssl-devel-0.9.6-1.0.14.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/openssl-dev el-0.9.6-1.0.14.i686.rpm
EnGarde Secure Linux 1.0.1 i686 openssl-misc-0.9.6-1.0.14.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/openssl-mis c-0.9.6-1.0.14.i686.rpm
FreeBSD SA-01:51 openssl.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:51/openssl.patch
FreeBSD SA-01:51 security-patch-openssl-01.51.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/packages/SA-01:51/security-patc h-openssl-01.51.tgz
NetBSD SA2001-013-openssl-1.5.patch
ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2001-013-openssl-1. 5.patch
OpenSSL Project OpenSSL 0.9.6b
http://www.openssl.org/source/openssl-0.9.6b.tar.gz
OpenSSL Project OpenSSL Engine 0.9.6b
http://www.openssl.org/source/openssl-engine-0.9.6b.tar.gz
Trustix 1.1 i586 openssl-0.9.5a-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssl-0.9.5a-2tr. i586.rpm
Trustix 1.1 i586 openssl-devel-0.9.5a-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssl-devel-0.9.5 a-2tr.i586.rpm
Trustix 1.2 i586 openssl-0.9.6-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssl-0.9.6-2tr.i 586.rpm
Trustix 1.2 i586 openssl-devel-0.9.6-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssl-devel-0.9.6 -2tr.i586.rpm
OpenSSL Project OpenSSL 0.9.6
Conectiva 6.0 i386 openssl-0.9.6-4U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssl-0.9.6-4U60_1cl.i3 86.rpm
Conectiva 6.0 i386 openssl-devel-0.9.6-4U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssl-devel-0.9.6-4U60_ 1cl.i386.rpm
Mandrake 1.0.1 i586 openssl-0.9.5a-3.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/1 .0.1/RPMS/openssl-0.9.5a-3.1mdk.i586.rpm
Mandrake 1.0.1 i586 openssl-devel-0.9.5a-3.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/1 .0.1/RPMS/openssl-devel-0.9.5a-3.1mdk.i586.rpm
Mandrake 7.1 i586 openssl-0.9.5a-3.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/7 .1/RPMS/openssl-0.9.5a-3.1mdk.i586.rpm
Mandrake 7.1 i586 openssl-devel-0.9.5a-3.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/7 .1/RPMS/openssl-devel-0.9.5a-3.1mdk.i586.rpm
Mandrake 7.2 i586 openssl-0.9.5a-8.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/7 .2/RPMS/openssl-0.9.5a-8.1mdk.i586.rpm
Mandrake 7.2 i586 openssl-devel-0.9.5a-8.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/7 .2/RPMS/openssl-devel-0.9.5a-8.1mdk.i586.rpm
Mandrake 8.0 i586 openssl-0.9.6-7.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/8 .0/RPMS/openssl-0.9.6-7.1mdk.i586.rpm
Mandrake 8.0 i586 openssl-devel-0.9.6-7.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/8 .0/RPMS/openssl-devel-0.9.6-7.1mdk.i586.rpm
Mandrake snf7.2 i586 openssl-0.9.5a-8.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/s nf7.2/RPMS/openssl-0.9.5a-8.1mdk.i586.rpm
Mandrake snf7.2 i586 openssl-0.9.5a-8.1mdk.src.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/current/updates/s nf7.2/SRPMS/openssl-0.9.5a-8.1mdk.src.rpm
NetBSD SA2001-013-openssl-1.5.patch
ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2001-013-openssl-1. 5.patch
RedHat 6.2 alpha openssl-0.9.5a-7.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/openssl-0.9.5a-7.6.x.alpha.rp m
RedHat 6.2 alpha openssl-devel-0.9.5a-7.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/openssl-devel-0.9.5a-7.6.x.al pha.rpm
RedHat 6.2 alpha openssl-perl-0.9.5a-7.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/openssl-perl-0.9.5a-7.6.x.alp ha.rpm
RedHat 6.2 alpha openssl-python-0.9.5a-7.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/openssl-python-0.9.5a-7.6.x.a lpha.rpm
RedHat 6.2 i386 openssl-0.9.5a-7.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/openssl-0.9.5a-7.6.x.i386.rpm
RedHat 6.2 i386 openssl-devel-0.9.5a-7.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/openssl-devel-0.9.5a-7.6.x.i38 6.rpm
RedHat 6.2 i386 openssl-perl-0.9.5a-7.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/openssl-perl-0.9.5a-7.6.x.i386 .rpm
RedHat 6.2 i386 openssl-python-0.9.5a-7.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/openssl-python-0.9.5a-7.6.x.i3 86.rpm
RedHat 6.2 sparc openssl-0.9.5a-7.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/openssl-0.9.5a-7.6.x.sparc.rp m
RedHat 6.2 sparc openssl-devel-0.9.5a-7.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/openssl-devel-0.9.5a-7.6.x.sp arc.rpm
RedHat 6.2 sparc openssl-perl-0.9.5a-7.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/openssl-perl-0.9.5a-7.6.x.spa rc.rpm
RedHat 6.2 sparc openssl-python-0.9.5a-7.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/openssl-python-0.9.5a-7.6.x.s parc.rpm
RedHat 7.0 alpha openssl-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssl-0.9.6-9.alpha.rpm
RedHat 7.0 alpha openssl-devel-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssl-devel-0.9.6-9.alpha.r pm
RedHat 7.0 alpha openssl-perl-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssl-perl-0.9.6-9.alpha.rp m
RedHat 7.0 alpha openssl-python-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssl-python-0.9.6-9.alpha. rpm
RedHat 7.0 alpha openssl095a-0.9.5a-9.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssl095a-0.9.5a-9.alpha.rp m
RedHat 7.0 i386 openssl-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssl-0.9.6-9.i386.rpm
RedHat 7.0 i386 openssl-devel-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssl-devel-0.9.6-9.i386.rpm
RedHat 7.0 i386 openssl-perl-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssl-perl-0.9.6-9.i386.rpm
RedHat 7.0 i386 openssl-python-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssl-python-0.9.6-9.i386.rp m
RedHat 7.0 i386 openssl095a-0.9.5a-9.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssl095a-0.9.5a-9.i386.rpm
RedHat 7.1 alpha nss_ldap-149-4.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/nss_ldap-149-4.alpha.rpm
RedHat 7.1 alpha openssl-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssl-0.9.6-9.alpha.rpm
RedHat 7.1 alpha openssl-devel-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssl-devel-0.9.6-9.alpha.r pm
RedHat 7.1 alpha openssl-perl-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssl-perl-0.9.6-9.alpha.rp m
RedHat 7.1 alpha openssl-python-0.9.6-9.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssl-python-0.9.6-9.alpha. rpm
RedHat 7.1 alpha openssl095a-0.9.5a-9.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssl095a-0.9.5a-9.alpha.rp m
RedHat 7.1 i386 nss_ldap-149-4.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/nss_ldap-149-4.i386.rpm
RedHat 7.1 i386 openssl-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-0.9.6-9.i386.rpm
RedHat 7.1 i386 openssl-devel-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-devel-0.9.6-9.i386.rpm
RedHat 7.1 i386 openssl-perl-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-perl-0.9.6-9.i386.rpm
RedHat 7.1 i386 openssl-python-0.9.6-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssl-python-0.9.6-9.i386.rp m
Privacy Statement
Copyright 2010, SecurityFocus
