SUSE SLES12 Security Update : nrpe (SUSE-SU-2023:0586-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0586-1 advisory. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering...

Security Bulletin: IBM Spectrum Protect Plus vulnerable to Logjam (CVE-2015-4000)

Summary A port used by VADP is reported to be vulnerable to Logjam CVE-2015-4000. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPORT ciphersuite choice. An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Integrated Operations Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM Tivoli System Automation for Integrated Operations Management. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attac...

Security Bulletin: Logjam vulnerability affect IBM Cloud Manager with Openstack (CVE-2015-4000)

Summary IBM Cloud Manager with Openstack is vulnerable to Logjam vulnerability, attackers could exploit them to obtain sensitive information Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failur...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Multiplatforms (CVE-2015-4000, CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931, CVE-2015-4749)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 5 and 7 that is used by IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attack on TLS...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Monitoring (CVE-2015-4000)

Summary The Logjam vulnerability in TLS connections using the Diffie-Hellman DH key exchange protocol affects some components of IBM Tivoli Monitoring ITM. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, cause...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Command Center (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Cognos Command Center. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to proper...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Algo Credit Limits (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Algo Credit Limits. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Image Construction and CompositionTool. (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Image Construction and Composition Tool. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the...

AIX 6.1 TL 9 : bos.net.tcp.client (U861500)

The remote host is missing AIX PTF U861500, which is related to the security of the package bos.net.tcp.client. Product could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. A remote user with the ability to conduct a...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Fri Jul 31 13:04:25 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javajuly2015advisory.asc https://aix.software.ibm.com/aix/efixes/security/javajuly2015advisory.asc...

CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...