Family: Debian Local Security Checks --> Category: infos
[DSA888] DSA-888-1 openssl Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer
(OpenSSL) library that can allow a possible hacker to perform active
protocol-version rollback attacks that could lead to the use of the
weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS
The following matrix explains which version in which distribution has
this problem corrected.
We recommend that you upgrade your libssl packages.
Solution : http://www.debian.org/security/2005/dsa-888
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.