11 matches found
Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN b-type Switches
Summary OpenSSL issues from March 2015 containing 12 CVE were disclosed. This bulletin addresses the vulnerabilities that have been referred to as Open SSL used by IBM SAN b-type Switches. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Switches and Directors.
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cisco Switches and Directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By connecting to a...
Security Bulletin: Vulnerabilities in OpenSSL including ClientHello DoS affect Multiple N series Products
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. This includes OpenSSL ClientHello sigalgs DoS CVE-2015-0291. OpenSSL is used by Multiple N series Products. Multiple N series Products have addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: Vulnerabilities in OpenSSL affects Rational Application Developer for WebSphere Software
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by the Cordova platform packaged with Rational Application Developer for WebSphere Software and has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenS...
Security Bulletin: IBM i is affected by several OpenSSL vulnerabilities.
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs provided by OpenSSL Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an implementation error in t...
Security Bulletin: Vulnerabilities in OpenSSL affect MegaRAID Storage Manager
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the applicable CVEs. Vulnerability Details Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC5022 16Gb SAN and EN4023 10Gb Scalable Switches
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. IBM Flex System FC5022 16Gb SAN and EN4023 10Gb Scalable Switches use OpenSSL and have addressed the applicable CVEs. Vulnerability Details Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by...
Splunk Enterprise 5.0.x < 5.0.13 / 6.0.x < 6.0.9 / 6.1.x < 6.1.8 OpenSSL Vulnerabilities (FREAK)
According to its version number, the Splunk Enterprise hosted on the remote web server is 5.0.x prior to 5.0.13, 6.0.x prior to 6.0.9, or 6.1.x prior to 6.1.4. It is, therefore, affected by the following vulnerabilities related to the included OpenSSL library : - A security feature bypass...
lib32-openssl: multiple issues
CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...
CVE-2015-0207
OpenSSL CVE-2015-0207 is a DTLS vulnerability in OpenSSL 1.0.2 before 1.0.2a where dtls1_listen fails to isolate state for independent streams, enabling remote denial of service via crafted DTLS traffic (segmentation fault). Public IBM/NGS bulletins reference this CVE alongside others (e.g., CVE-...
openssl: multiple issues
CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...