MiracleLinux 7 : openssl-1.0.1e-51.el7.7 (AXSA:2016-685:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-685:04 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

Siemens SCALANCE X-200RNA Switch Devices Out-of-bounds Read (CVE-2016-2180)

The TSOBJprintbio function in crypto/ts/tslib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol TSP implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted time- stamp file that is mishandled b...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the...

Security Bulletin: IBM b-type SAN switches and directors affected by Open Source OpenSSL Vulnerabilities (CVE-2016-2180).

Summary IBM b-type SAN switches and directors has addressed Open Source OpenSSL Vulnerabilities. Vulnerability Details CVEID:CVE-2016-2180 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this...

openssl security update

1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug...

Debian: Security Advisory (DLA-637-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Express.

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by IBM Cognos Express. This issue was disclosed as part of the IBM Java SDK updates in July 2016. OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Cogn...

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM InfoSphere Master Data Management

Summary IBM Initiate Master Data Service and IBM InfoSphere Master Data Management are vulnerable to multiple OpenSSL denial of service attacks and could allow access to sensitive information. Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service,...

Security Bulletin: Multiple Security Vulnerabilities in OpenSSL affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center)

Summary OpenSSL vulnerabilities were disclosed on September 22 and September 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Spectrum Control and Tivoli Storage Productivity Center. IBM Spectrum Control and Tivoli Storage Productivity Center have addressed the applicable CVEs. Vulnerabili...

Mageia: Security Advisory (MGASA-2016-0338)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for Unix

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SmartCloud Entry. IBM SmartCloud Entry has addressed the applicable CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM i

Summary OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tlsdecryptticket function ...

Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix

Summary There is a potential code execution vulnerability in WebSphere Application Server. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. Vulnerability Details CVEID: CVE-2016-5983 DESCRIPTION: IBM WebSphere Application Server could allow remote...

Security Bulletin: Vulnerabilities in OpenSSL affect MobileFirst Quality Assurance

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by MobileFirst Quality Assurance. MobileFirst Quality Assurance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a...

Security Bulletin: Vulnerabilities in OpenSSL affects IBM Tivoli Composite Application Manager for Transactions

Summary Vulnerabilities in OpenSSL were disclosed by openssl.org. OpenSSL 1.0.2j, used by IBM Tivoli Composite Application Manager for Transactions ISM, has addressed these vulnerabilities. Vulnerability Details CVE-ID: CVE-2000-1254 Description: OpenSSL could allow a remote attacker to obtain...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM StoredIQ (CVE-2016-2177, CVE-2016-2178, CVE-2016-2180)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by StoredIQ. StoredIQ has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2178 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive informatio...

Security Bulletin: Vulnerabilities in OpenSSL affect Rational Insight

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by Rational Insight. Rational Insight has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused...

Security Bulletin: Vulnerabilities in OpenSSL affect Rational Reporting for Development Intelligence

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by Rational Reporting for Development Intelligence RRDI. RRDI has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a...

Security Bulletin: Vulnerability in OpenSSL affect Rational Tau (CVE-2016-2180)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by Rational Tau. Rational Tau has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2180 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the...