Security Bulletin: IBM Informix Cryptographic Library Updates (CVE-2012-2190, CVE-2012-2191, CVE-2012-2203)

Abstract Multiple security problems exist in the IBM GSKit libraries that IBM Informix and IBM Informix ClientSDK use to provide communications security and other cryptographic functionality. Content CVE ID: CVE-2012-2190 DESCRIPTION: GSKit allows remote attackers to cause a denial of service...

Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by multiple vulnerabilities in GSKit (CVE-2012-2203, CVE-2012-2191, CVE-2012-2190)

Abstract Vulnerabilities in IBM Global Security Kit GSKit, shipped as part of IBM Tivoli Composite Application Manager for Transactions ITCAM for Transactions. Content VULNERABILITY DETAILS: Security vulnerabilities have been discovered in the GSKit libraries. ITCAM for Transactions uses the GSKi...

Security Bulletin: GSKit SSL/TLS Record Length vulnerability in Tivoli Directory Server (CVE-2012-2191)

Abstract A vulnerability has been identified in the GSKit component utilized by Tivoli Directory Server TDS. A specifically crafted malformed SSL/TLS data packet can cause the TDS server using GSKit to segmentation fault.. Remediation for the issue consists of updating GSKit 7 to version 7.0.4.41...

Security Bulletin: Multiple GSKit Vulnerabilities in IBM DB2 (CVE-2012-2190, CVE-2012-2191, CVE-2012-2203).

Abstract GSKit is an IBM product that is used by IBM DB2 for SSL support. The GSKit that is shipped with DB2 contains multiple security vulnerabilities. By default, DB2 does not use SSL for client-server communication and therefore, this vulnerability affects DB2 only if SSL is enabled. Content...

Security Bulletin: Two security vulnerabilities found and fixed in WebSphere Business Events V7.0, V7.0.1 and 7.0.1.1 in the DesignData Tooling (CVE-2012-2190, CVE-2012-2191)

Abstract A vulnerability in relation to Session ID Lengths and SSL/TLS Server has been discovered that impacts GSKit used with the Webshpere Business Events 7.0 product. Content VULNERABILITY DETAILS CVE IDs: CVE-2012-2191 and CVE-2012-2190 DESCRIPTION An error in the Global secure Toolkit GSKIT,...

Security Bulletin: Multiple vulnerabilities in Rational Directory Server (CVE-2012-2203, CVE-2012-2191)

Summary Notice of security vulnerabilities which impacts IBM Rational Directory Server 5.2.x Tivoli variant only along with instructions to resolve the issues. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for...

IBM Tivoli Storage Manager Server 6.2.x < 6.2.6.0 Multiple Vulnerabilities

The version of IBM Tivoli Storage Manager installed on the remote host is 6.2.x prior to 6.2.6.0. It is, therefore, potentially affected by multiple flaws in its bundled SSL library: - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted 'ClientHello'...

IBM Tivoli Storage Manager Server 6.1.x Multiple Vulnerabilities

The version of IBM Tivoli Storage Manager installed on the remote host is 6.1 running on Windows or AIX. It is, therefore, potentially affected by multiple flaws in its bundled SSL library: - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted...

CVE-2012-2191

Technical details for CVE-2012-2191 are not publicly provided in the Connected documents. The available sources summarize the issue (GSKit TLS CBC timing attack) but do not include affected versions, roots, or fixes in this corpus. Monitor for updates.