MiracleLinux 4 : openssl-1.0.1e-30.AXS4.2 (AXSA:2014-603:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-603:01 advisory. Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and...

Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)

Summary OpenSSL is a toolkit that implements the Secure Sockets Layer SSL, Transport Layer Security TLS, and Datagram Transport Layer Security DTLS protocols which is used by IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems. OpenSSL had a vulnerability which allowed forceful downgrad...

K15723: OpenSSL vulnerability CVE-2014-3567

Security Advisory Description Description Memory leak in the tlsdecryptticket function in t1lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service memory consumption via a crafted session ticket that triggers an...

Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem 840 and V840 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)

Summary OpenSSL is a toolkit that implements the Secure Sockets Layer SSL, Transport Layer Security TLS, and Datagram Transport Layer Security DTLS protocols which is used by IBM FlashSystem 840 and V840 systems. OpenSSL had a vulnerability which allowed forceful downgrade of the communication to...

Security Bulletin: Vulnerability in SSLv3 and OpenSSL affect SAN Volume Controller and Storwize Family (CVE-2014-3566 CVE-2014-3567)

Summary There are security vulnerabilities in SSLv3 that is used by SAN Volume Controller and Storwize Family. In addition, OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by SAN Volume...

Security Bulletin: Tivoli Storage Productivity Center is affected by vulnerabilities in OpenSSL (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Tivoli Storage Productivity Center. Tivoli Storage Productivity Center has addressed the applicable CVEs. Vulnerability Details CVE-ID:CVE-2014-3513 DESCRIPTION: OpenSSL is vulnerable to ...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM InfoSphere Master Data Management ( CVE-2014-3513, CVE-2014-3567)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by IBM InfoSphere Master Data Management. IBM InfoSphere Master Data Management has addressed the applicable CVEs and included the SSL 3....

Slackware: Security Advisory (SSA:2014-288-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0416)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in OpenSSL affect Data ONTAP SMI-S Agent，OnCommand Workflow Automation ，OnCommand Unified Manager Core Package (5.x)，Open Systems SnapVault Agent (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Data ONTAP SMI-S Agent，OnCommand Workflow Automation ，OnCommand Unified Manager Core Package 5.x，Open Systems SnapVault Agent. These products have addressed the applicable CVEs...

SUSE: Security Advisory (SUSE-SU-2014:1512-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:1387-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:1386-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:1524-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in OpenSSL affect Sterling Connect:Express for UNIX (CVE-2014-3513, CVE-2014-3567, CVE-2014-3570, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205 and CVE-2015-0206)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 and January 8, 2015 by the OpenSSL Project. OpenSSL is used by Sterling Connect:Express for UNIX. Sterling Connect:Express for UNIX has addressed the applicable CVEs and include...

Security Bulletin: IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in SSLv3 and OpenSSL

Summary The IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in SSLv3 and OpenSSL. Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error when using the...

Security Bulletin: Vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Upward Integration Modules UIM. Upward Integration Modules UIM has addressed the applicableCVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerabilities in OpenSSL affect Integrated Management Module 2 (IMM2) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Integrated Management Module 2. Integrated Management Module 2 has addressed the applicable CVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerabilities in OpenSSL affect Flex System FC3171 8Gb SAN Switch and Flex System FC3171 8Gb SAN Pass-thru (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Flex System FC3171 8Gb SAN Switch and Flex System FC3171 8Gb SAN Pass-thru. Flex System FC31718Gb SAN Switch and Flex System FC3171 8G...

Security Bulletin: Vulnerabilities in SSLv3 affect IBM Flex System Manager (FSM) SMIA Configuration Tool (CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack and other vulnerabilities. SSLv3 is enabled in IBM FSM SMIA Configuration Tool commonly referred to as Network Advisor has addressed the applicable CVEs...