Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Active Bypass (CVE-2015-5229, CVE-2015-8776)

Summary OpenSSL vulnerabilities were found in IBM Security Network Active Bypass. IBM Security Network Active Bypass has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-5229 DESCRIPTION: GNU C Library glibc is vulnerable to a denial of service, caused by the return of memory...

Security Bulletin: : Multiple Vulnerabilities in OpenSSL affect IBM Security Guardium

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Guardium . IBM Security Guardium has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitra...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Guardium

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Guardium. IBM Security Guardium has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability. Vulnerability Detail...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Protection. IBM Security Network Protection has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability...

Security Bulletin: : Vulnerabilities in OpenSSL affect IBM Security Guardium (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Guardium. IBM Security Guardium has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of service, cause...

Security Bulletin: IBM Security Network Protection is affected by OpenSSL vulnerabilities (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)

Summary Security vulnerabilities have been discovered in OpenSSL used with IBM Security Network Protection. Vulnerability Details CVEID:CVE-2014-3569 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to properly handle attempts to use unsupported protocols by the...

Security Bulletin: Vulnerabilities in SSLv3 and in OpenSSL affect Enterprise Scanner (CVE-2014-3566, CVE-2014-3513, CVE-2014-3567, and CVE-2014-3568)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Security Proventia Network Enterprise Scanner. In addition, OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV we...

Security Bulletin: IBM Security Access Manager for Mobile and IBM Security Access Manager for Web appliances are affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470 and possibly CVE-2014-0076

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

Security Bulletin: IBM Security Network Protection is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

Security Bulletin: IBM Security Proventia Network Active Bypass is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerabilit...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tealeaf Customer Experience

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience. IBM Tealeaf Customer Experience has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6304 DESCRIPTION: OpenSSL is vulnerable ...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tealeaf Customer Experience

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience. IBM Tealeaf Customer Experience has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial ...

Security Bulletin: OpenSSL vulnerabilities in IBM Algo Audit and Compliance (CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702)

Summary OpenSSL could allow a remote attacker to obtain sensitive information and denial of service attacks. OpenSSL is used by IBM Algo Audit and Compliance. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Cognos TM1 (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)

Summary OpenSSL vulnerabilities were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by IBM Cognos TM1. IBM Cognos TM1 has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2014-3567 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a memory...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, Faspex on Demand, Server on Demand, Application on Demand, and Azure on Demand (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 ...)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Transfer Cluster Manager, IBM Aspera Faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application on Demand, and IBM Aspera Azure on Demand. IBM Aspera Transf...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM PureApplication System. (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)

Summary Vulnerabilities in OpenSSL affect IBM PureApplication System. CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794 Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ Advanced Message Security for IBM i, IBM WebSphere MQ Client for HP-NSS

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM WebSphere MQ Advanced Message Security for the IBM i platform, IBM WebSphere MQ HP-NSS and IBM WebSphere MQ Paho MQTT clients. IBM WebSphere MQ Advanced Message Security for the IBM i...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ (HP-NSS and OVMS platforms) and Eclipse Paho MQTT C Client libraries (Windows and Linux platforms) (CVE-2014-3570, CVE-2014-3572, CVE-2015-0204, CVE-2015-0205)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM WebSphere MQ on HP-NSS and HP OpenVMS platforms. Vulnerability Details CVEID:...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere Cast Iron Solution(CVE-2014-3572,CVE-2015-0204,CVE-2014-8275)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. OpenSSL is used by IBM WebSphere Cast Iron Solution has addressed the applicable CVEs CVE-2014-3572,CVE-2015-0204,CVE-2014-8275. Vulnerability Details CVEID: CVE-2014-3572 DESCRIPTION: OpenSSL could provide...

Solaris 10 (sparc) : 148071-12

SunOS 5.10: openssl patch. Date this patch was last updated by Sun : Jul/11/13 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...