Novell Home

CVE-2006-3738

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2006-3738 at MITRE

Description

Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entries: 202366, 207635, 215623

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • compat-openssl096g >= 0.9.6g-4.2
SUSE LINUX 9.2
  • compat-openssl096g >= 0.9.6g-2.2
SUSE LINUX 9.3
  • compat-openssl096g >= 0.9.6g-3.2
SuSE Linux Desktop 1.0
  • openssl >= 0.9.6g-139
sles9-oes.x86
ul1.s390
sles10.s390x
slox4.x86
core9.s390
sled10.x86
YOU Patch Nr: 11234
ZYPP Patch Nr: 2141
SuSE Linux Enterprise Server 8 for IBM zSeries
  • openssl >= 0.9.6g-139
  • openssl-devel >= 0.9.6g-139
sles9-oes.x86
ul1.s390
sles10.s390x
slox4.x86
core9.s390
sled10.x86
YOU Patch Nr: 11234
ZYPP Patch Nr: 2141
Novell Linux Desktop 9 for x86_64
  • openssl >= 0.9.7d-15.29
  • openssl-32bit >= 9-200609270654
  • openssl-devel >= 0.9.7d-15.29
  • openssl-devel-32bit >= 9-200609270654
sles9-oes.x86
ul1.s390
sles10.s390x
slox4.x86
core9.s390
sled10.x86
YOU Patch Nr: 11234
ZYPP Patch Nr: 2141
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • openssl >= 0.9.7d-15.29
  • openssl-devel >= 0.9.7d-15.29
sles9-oes.x86
ul1.s390
sles10.s390x
slox4.x86
core9.s390
sled10.x86
YOU Patch Nr: 11234
ZYPP Patch Nr: 2141
SUSE LINUX Retail Solution 8
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • openssl >= 0.9.6g-138
  • openssl-devel >= 0.9.6g-138
sles9-oes.x86
ul1.s390
sles10.s390x
slox4.x86
core9.s390
sled10.x86
YOU Patch Nr: 11234
ZYPP Patch Nr: 2141
SUSE CORE 9 for AMD64 and Intel EM64T
  • openssl >= 0.9.7d-15.48
  • openssl-devel >= 0.9.7d-15.48
  • openssl-doc >= 0.9.7d-15.48
Builds
YOU Patch Nr: 12759
SUSE LINUX 10.1
  • compat-openssl097g >= 0.9.7g-13.5
  • compat-openssl097g-32bit >= 0.9.7g-13.5
  • compat-openssl097g-64bit >= 0.9.7g-13.5
SuSE Linux Enterprise Server 8 for IBM zSeries
  • openssl-z990 >= 0.9.7c-9
ul1.s390
YOU Patch Nr: 11271
SUSE LINUX 10.0
  • openssl >= 0.9.7g-2.10
  • openssl-32bit >= 0.9.7g-2.10
  • openssl-64bit >= 0.9.7g-2.10
  • openssl-devel >= 0.9.7g-2.10
  • openssl-devel-32bit >= 0.9.7g-2.10
  • openssl-devel-64bit >= 0.9.7g-2.10
SUSE LINUX 10.1
  • openssl >= 0.9.8a-18.10
  • openssl-32bit >= 0.9.8a-18.10
  • openssl-64bit >= 0.9.8a-18.10
  • openssl-devel >= 0.9.8a-18.10
  • openssl-devel-32bit >= 0.9.8a-18.10
  • openssl-devel-64bit >= 0.9.8a-18.10
SUSE LINUX 9.2
  • openssl >= 0.9.7d-25.6
  • openssl-32bit >= 9.2-200609270647
  • openssl-devel >= 0.9.7d-25.6
  • openssl-devel-32bit >= 9.2-200609270647
SUSE LINUX 9.3
  • openssl >= 0.9.7e-3.6
  • openssl-32bit >= 9.3-7.3
  • openssl-devel >= 0.9.7e-3.6
  • openssl-devel-32bit >= 9.3-7.3

© 2014 Novell