Security Bulletin: Several System x and Flex Systems products are affected by vulnerabilities in OpenSSL (CVE-2013-6449, CVE-2013-4353 and CVE-2013-6450)

Summary Security vulnerabilities discovered in OpenSSL have been fixed in recent releases of several IBM System x and Flex Systems products. You may have already applied the updates containing these fixes. Vulnerability Details Abstract Security vulnerabilities discovered in OpenSSL have been fix...

Security Bulletin: Sixteen (16) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems

Summary OpenSSL vulnerabilities affect the IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems . These vulnerabilities could allow a remote attacker to execute arbitrary code on the system, to obtain sensitive information, to crash a client, or cause of denial of service. Vulnerability...

K15180: OpenSSL vulnerability CVE-2013-4353

Security Advisory Description The ssl3takemac function in ssl/s3both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service NULL pointer dereference and application crash via a crafted Next Protocol Negotiation record in a TLS handshake. CVE-2013-4353 Impact Remot...

SUSE CVE-2013-4353

The ssl3takemac function in ssl/s3both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service NULL pointer dereference and application crash via a crafted Next Protocol Negotiation record in a TLS handshake...

Security Bulletin: Tivoli Storage Productivity Center is affected by the following OpenSSL vulnerabilities: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450

Summary Security vulnerabilities have been discovered in OpenSSL that were reported by the OpenSSL Project. Vulnerability Details CVE-ID:CVE-2013-4353 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when handling malicious S/MIME messages. By sendin...

Slackware: Security Advisory (SSA:2014-013-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0012)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenSSL: Multiple DoS Vulnerabilities (CVE-2013-4353, CVE-2013-6449) - Linux

OpenSSL is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are affected by vulnerabilities in OpenSSL Libraries version 1.0.1 (CVE-2013-4353, CVE-2013-6450, CVE-2013-6449)

Summary Security vulnerabilities have been discovered in the OpenSSL libraries used by IBM Sterling B2B Integrator and IBM Sterling File Gateway. Vulnerability Details SWIFTNet adapters of IBM Sterling B2B Integrator and IBM Sterling File Gateway use OpenSSL libraries for cryptography, and thus a...

Security Bulletin: IBM Systems Director (ISD) is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449)

Summary : IBM Systems Director contains a version of openssl that contained the 3 vulnerabilities listed above. Vulnerability Details Abstract IBM Systems Director contains a version of openssl that contained the 3 vulnerabilities listed above. Content Vulnerability Details: CVE-ID: CVE-2013-4353...

Security Bulletin: IBM Flex System Manager (FSM) and compatible IBM Systems Director agents are affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449)

Summary An interface on the IBM BladeCenter Advanced Management Module AMM may expose user account names and passwords that have been configured on that AMM. Vulnerability Details Abstract The FSM and compatible agents contain a version of openssl that contained the 3 vulnerabilities listed above...

Security Bulletin: IBM Tivoli Composite Application Manager for Transactions is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450 and CVE-2013-6449)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2013-4353 DESCRIPTION: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This issue...

Security Bulletin: IBM Tivoli Netcool System Service Monitors/Application Service Monitors is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450 and CVE-2013-6449)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2013-4353 DESCRIPTION: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This issue...

Gentoo Security Advisory GLSA 201402-25

Gentoo Linux Local Security Checks GLSA 201402-25 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Fedora Update for mingw-openssl FEDORA-2014-17587

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for openssl FEDORA-2014-13012

Check the version of openssl SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868417";...

Fedora 20 : openssl-1.0.1e-39.fc20 (2014-9308) (Heartbleed)

Multiple moderate issues fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

openSUSE Security Update : openssl (openSUSE-SU-2014:0096-1)

Fixed bnc857640, openssl: TLS record tampering issue can lead to OpenSSL crash Add file: CVE-2013-4353.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-63. The text...

SOL15180 - OpenSSL vulnerability CVE-2013-4353

Recommended action You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column. If the column does not list a version that is newer than the version you are running, then no upgrade candidate currently exists. To mitigate this vulnerability,...

Fedora Update for mingw-openssl FEDORA-2014-4999

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...