OpenSSL Internal Certificate Verification Routine Security Bypass Vulnerability

Bugtraq ID: 49469
Class: Design Error
CVE: CVE-2011-3207
Remote: Yes
Local: No
Published: Sep 06 2011 12:00AM
Updated: Apr 13 2015 09:49PM
Credit: Kaspar Brand
Vulnerable: Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Oracle Enterprise Linux 6
OpenSSL Project OpenSSL 1.0.0d
OpenSSL Project OpenSSL 1.0.0c
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0a
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Kolab Kolab Groupware Server 2.2.4
Kolab Kolab Groupware Server 2.3.2
Kolab Kolab Groupware Server 2.3.1
HP System Management Homepage 6.2.2 7
HP System Management Homepage 6.0 .96
HP System Management Homepage 3.0.2 .77
HP System Management Homepage 3.0.1 .73
HP System Management Homepage 3.0 .68
HP System Management Homepage 3.0 .64
HP System Management Homepage 6.3
HP System Management Homepage 6.2.0-12
HP System Management Homepage 6.2
HP System Management Homepage 6.2
HP System Management Homepage 6.1.0.103
HP System Management Homepage 6.1.0.102
HP System Management Homepage 6.1.0-103
HP System Management Homepage 6.1
HP System Management Homepage 6.0.0.95
HP System Management Homepage 6.0.0-95
HP System Management Homepage 6.0
HP System Management Homepage 3.0.2.77 B
HP System Management Homepage 3.0.2-77
HP System Management Homepage 3.0.1-73
HP System Management Homepage 3.0.0-68
HP System Management Homepage 0
HP Insight Control for Linux (IC-Linux) 7.0
Avaya Aura Experience Portal 6.0
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya 96x1 IP Deskphone 6
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable: OpenSSL Project OpenSSL 1.0.0e
Kolab Kolab Groupware Server 2.3.3
HP System Management Homepage 7.0


 

Privacy Statement
Copyright 2010, SecurityFocus