265 matches found
Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities
Question Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...
MiracleLinux 4 : nss-3.19.1-3.AXS4, nss-util-3.19.1-1.AXS4 (AXSA:2015-196:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-196:01 advisory. Description: nss Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...
Siemens SCALANCE X-200RNA Switch Devices Cryptographic Issues (CVE-2015-4000)
The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...
openSUSE: Security Advisory for java (SUSE-SU-2023:4506-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4507-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4506-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc (SUSE-SU-2023:4507-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4507-1 advisory. Update to version jdk8u392 icedtea-3.29.0 October 2023 CPU: - CVE-2023-22067: Fixed IOR deserialization issue in CORBA bsc1216379. ...
SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:4506-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4506-1 advisory. Update to version jdk8u392 icedtea-3.29.0 October 2023 CPU: - CVE-2023-22067: Fixed IOR deserialization issue in CORB...
Security Bulletin: IBM Integrated Management Module (IMM) is affected by multiple vulnerabilities in OpenSSL including Logjam
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM BladeCenter Integrated Management Module IMM for System x and BladeCenter...
Security Bulletin: Multiple vulnerabilities in OpenSSH, GNU C Library (glibc), and OpenSSL, including Logjam, affect Integrated Management Module II (IMM2)
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by Integrated Management Module II IMM2. Vulnerability Details Summary OpenSSL...
Security Bulletin: Vulnerabilities in OpenSSL, including Logjam, affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware, QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module and QLogic Virtual Fabric Extension Module
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM Flex System FC43171 8Gb SAN Switchand SAN Pass-thru firmware, QLogic 8Gb...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS3100/TS3200 (CVE-2015-4000)
...
Debian: Security Advisory (DLA-507-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : nrpe (SUSE-SU-2023:0586-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0586-1 advisory. - CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 bsc931600, bsc938906. Tenable has...
SA40002 - [Pulse Secure] June 11th 2015 OpenSSL Security Advisory
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On June 11th, 2015 the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the following...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core (CVE-2015-4000)
Abstract IBM WebSphere Application Server v7.0 is shipped as a component of IBM Integrated Information Core. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Content Vulnerability Details Please consult the security...
Security Bulletin: Security Vulnerability in IBM WebSphere Application Server (CVE-2015-4000) Affects Asset and Service Management
Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo f...
Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Process Server (CVE-2015-4000)
Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server Full Profile that is shipped as a component of WebSphere Process Server. The IBM HTTP Server used by WebSphere Application Server is not affected. Vulnerability...
Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)
Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition. The IBM HTTP Server used by WebSphere...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IMS™ Enterprise Suite: SOAP Gateway (CVE-2015-4000)
Summary The Logjam Attack on TLSTransport Layer Security connections using the Diffie-Hellman DH key exchange protocol affects IMS™ Enterprise Suite: SOAP Gateway. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive informatio...