51 matches found
Security Bulletin: Several System x and Flex Systems products are affected by vulnerabilities in OpenSSL (CVE-2013-6449, CVE-2013-4353 and CVE-2013-6450)
Summary Security vulnerabilities discovered in OpenSSL have been fixed in recent releases of several IBM System x and Flex Systems products. You may have already applied the updates containing these fixes. Vulnerability Details Abstract Security vulnerabilities discovered in OpenSSL have been fix...
Security Bulletin: Sixteen (16) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems
Summary OpenSSL vulnerabilities affect the IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems . These vulnerabilities could allow a remote attacker to execute arbitrary code on the system, to obtain sensitive information, to crash a client, or cause of denial of service. Vulnerability...
SUSE CVE-2013-6449
The sslgetalgorithm2 function in ssl/s3lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service daemon crash via crafted traffic from a TLS 1.2 client...
Security Bulletin: Tivoli Storage Productivity Center is affected by the following OpenSSL vulnerabilities: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
Summary Security vulnerabilities have been discovered in OpenSSL that were reported by the OpenSSL Project. Vulnerability Details CVE-ID:CVE-2013-4353 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when handling malicious S/MIME messages. By sendin...
Slackware: Security Advisory (SSA:2014-013-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0008)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenSSL: Multiple DoS Vulnerabilities (CVE-2013-4353, CVE-2013-6449) - Linux
OpenSSL is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are affected by vulnerabilities in OpenSSL Libraries version 1.0.1 (CVE-2013-4353, CVE-2013-6450, CVE-2013-6449)
Summary Security vulnerabilities have been discovered in the OpenSSL libraries used by IBM Sterling B2B Integrator and IBM Sterling File Gateway. Vulnerability Details SWIFTNet adapters of IBM Sterling B2B Integrator and IBM Sterling File Gateway use OpenSSL libraries for cryptography, and thus a...
Security Bulletin: IBM Flex System Manager (FSM) and compatible IBM Systems Director agents are affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449)
Summary An interface on the IBM BladeCenter Advanced Management Module AMM may expose user account names and passwords that have been configured on that AMM. Vulnerability Details Abstract The FSM and compatible agents contain a version of openssl that contained the 3 vulnerabilities listed above...
Security Bulletin: IBM Systems Director (ISD) is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449)
Summary : IBM Systems Director contains a version of openssl that contained the 3 vulnerabilities listed above. Vulnerability Details Abstract IBM Systems Director contains a version of openssl that contained the 3 vulnerabilities listed above. Content Vulnerability Details: CVE-ID: CVE-2013-4353...
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450 and CVE-2013-6449)
Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2013-4353 DESCRIPTION: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This issue...
Security Bulletin: IBM Tivoli Netcool System Service Monitors/Application Service Monitors is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450 and CVE-2013-6449)
Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2013-4353 DESCRIPTION: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This issue...
Fedora Update for mingw-openssl FEDORA-2014-17587
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for openssl FEDORA-2014-13012
Check the version of openssl SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868417";...
Fedora 20 : openssl-1.0.1e-39.fc20 (2014-9308) (Heartbleed)
Multiple moderate issues fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
openSUSE Security Update : openssl (openSUSE-SU-2014:0018-1)
Fixed bnc856687, openssl: crash when using TLS 1.2 Add file: CVE-2013-6449.patch - compressionmethodsswitch.patch: setenv might not be successful if a surrounding library or application filters it, like e.g. sudo. As setenv does not seem to be useful anyway, remove it. bnc849377 %NASLMINLEVEL...
openSUSE Security Update : openssl (openSUSE-SU-2014:0012-1)
Fixed bnc856687, openssl: crash when using TLS 1.2 Add file: CVE-2013-6449.patch - compressionmethodsswitch.patch: setenv might not be successful if a surrounding library or application filters it, like e.g. sudo. As setenv does not seem to be useful anyway, remove it. bnc849377 %NASLMINLEVEL...
openSUSE Security Update : openssl (openSUSE-SU-2014:0015-1)
Fixed bnc856687, openssl: crash when using TLS 1.2 Add file: CVE-2013-6449.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-4. The text description of this plugin is C SUSE...
Fedora Update for mingw-openssl FEDORA-2014-4999
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-openssl FEDORA-2014-4982
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...