MiracleLinux 7 : openssl-1.0.1e-51.el7.7 (AXSA:2016-685:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-685:04 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

Linux Distros Unpatched Vulnerability : CVE-2016-2178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the...

openssl security update

1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integrated Management Module (IMM) for System x & BladeCenter

Summary IBM Integrated Management Module IMM for System x & BladeCenter have addressed the following vulnerabilities in OpenSSL. Vulnerability Details Summary IBM Integrated Management Module IMM for System x & BladeCenter have addressed the following vulnerabilities in OpenSSL. Vulnerability...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect SAN Volume Controller, Storwize family and FlashSystem V9000 products

Summary Vulnerabilities in the OpenSSL component affect the management GUI of SAN Volume Controller, Storwize family and FlashSystem V9000 products. The CLI interface is unaffected. The CVEs are CVE-2016-2177 CVE-2016-2178 CVE-2016-2183 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306. Vulnerability...

Debian: Security Advisory (DLA-637-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM b-type SAN switches and directors affected by Open Source OpenSSL Vulnerabilities (CVE-2016-2177, CVE-2016-2178).

Summary IBM b-type SAN switches and directors addressing Open Source OpenSSL Vulnerabilities CVE-2016-2177, CVE-2016-2178. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer...

K53084033: OpenSSL vulnerability CVE-2016-2178

Security Advisory Description The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. CVE-2016-2178 Impact An...

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM InfoSphere Master Data Management

Summary IBM Initiate Master Data Service and IBM InfoSphere Master Data Management are vulnerable to multiple OpenSSL denial of service attacks and could allow access to sensitive information. Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service,...

Security Bulletin: Vulnerabilities in Open Source OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2177 CVE-2000-1254 CVE-2016-2178).

Summary Open Source OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...

Mageia: Security Advisory (MGASA-2016-0338)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for Unix

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SmartCloud Entry. IBM SmartCloud Entry has addressed the applicable CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306...

Security Bulletin: OpenSSLにある複数の脆弱性のWebSphere Message BrokerとIBM Integration Busへの影響について

Summary OpenSSLの脆弱性について、OpenSSL Projectより2016年 9月22日、9月26日、11月10日にそれぞれ公表されております。WebSphere Message BrokerならびにIBM Integration Busにて使用されているDataDirect ODBC ドライバーに対して該当するCVEがあり、対処しております。 Vulnerability Details 最新の情報は下記の文書（英語）をご参照ください。 Security Bulletin: Multiple vulnerabilities in OpenSSL affect...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of...

Security Bulletin: Multiple Vulnerabilities in NTP and OpenSSL affect IBM Netezza Firmware Diagnostics Tools

Summary NTP and OpenSSL is used by IBM Netezza Firmware Diagnostics Tools. OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. IBM Netezza Firmware Diagnostics Tools has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-8138 DESCRIPTION: NTP could allo...

Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix

Summary There is a potential code execution vulnerability in WebSphere Application Server. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. Vulnerability Details CVEID: CVE-2016-5983 DESCRIPTION: IBM WebSphere Application Server could allow remote...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK for Node.js™ in IBM Bluemix

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js has addressed the applicable CVEs, plus three additional vulnerabilities unrelated to the OpenSSL release. Vulnerability Details CVEID:...