4 matches found
Security Bulletin: Vulnerabilities in OpenSSL affect System x Integrated Management Module (IMM) (CVE-2015-0204)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by System x Integrated Management Module IMM. IMM hasaddressed the applicable CVEs...
Security Bulletin: IBM Tealeaf Customer Experience is affected by vulnerabilities in OpenSSL
Summary Vulnerabilities in OpenSSL including the “FREAK” attack affect IBM Tealeaf Customer Experience. Vulnerability Details CVEID: CVE-2014-3569 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to properly handle attempts to use unsupported protocols by the...
Updated openssl packages fix security vulnerabilities
A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack CVE-2014-3571. A memory leak can occur in the dtls1bufferrecord function under certain conditions. In particular this could occur if an...
OpenSSL 1.0.0 < 1.0.0e Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.0e. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.0e advisory. - The BNGF2mmodinv function in crypto/bn/bngf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 befo...