Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities

Question Security Bulletin: Securing your products against OpenSSL and TLS vulnerabilities "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...

Linux Distros Unpatched Vulnerability : CVE-2015-4000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which...

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:4506-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4506-1 advisory. Update to version jdk8u392 icedtea-3.29.0 October 2023 CPU: - CVE-2023-22067: Fixed IOR deserialization issue in CORB...

SUSE SLES12: java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc (SUSE-SU-2023:4507-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4507-1 advisory. Update to version jdk8u392 icedtea-3.29.0 October 2023 CPU: - CVE-2023-22067: Fixed IOR deserialization issue in CORBA bsc1216379. ...

SUSE-SU-2023:4507-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u392 icedtea-3.29.0 October 2023 CPU: - CVE-2023-22067: Fixed IOR deserialization issue in CORBA bsc1216379. - CVE-2023-22081: Fixed certificate path validation issue during client authentication bsc1216374. -...

SUSE-SU-2023:4506-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u392 icedtea-3.29.0 October 2023 CPU: - CVE-2023-22067: Fixed IOR deserialization issue in CORBA bsc1216379. - CVE-2023-22081: Fixed certificate path validation issue during client authentication bsc1216374. -...

Why We Don’t Generate Elliptic Curves Every Day

With all the talk recently of how the NIST curve parameters were selected, a reasonable observer could wonder why we all use the same curves instead of generating them along with keys, like we do for Diffie-Hellman parameters. You might have memories of waiting around for openssl dhparam to run a...

Security Bulletin: Vulnerabilities in OpenSSL, including Logjam, affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware, QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module and QLogic Virtual Fabric Extension Module

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM Flex System FC43171 8Gb SAN Switchand SAN Pass-thru firmware, QLogic 8Gb...

Security Bulletin: Multiple vulnerabilities in OpenSSH, GNU C Library (glibc), and OpenSSL, including Logjam, affect Integrated Management Module II (IMM2)

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by Integrated Management Module II IMM2. Vulnerability Details Summary OpenSSL...

Security Bulletin: IBM Integrated Management Module (IMM) is affected by multiple vulnerabilities in OpenSSL including Logjam

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM BladeCenter Integrated Management Module IMM for System x and BladeCenter...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM SAN Volume Controller and Storwize Family (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM SAN Volume Controller and Storwize Family Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by th...

SUSE: Security Advisory (SUSE-SU-2023:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS2900 (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects TS2900. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPO...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS3100/TS3200 (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects TS3100/TS3200. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a...

Security Bulletin: Vulnerability in Apache Log4j may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2021-44228)

Summary A vulnerability in Apache Log4j CVE-2021-44228 has been identified that may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data. Several components of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data use Log4j to log diagnostic data unrelated to customer...

Debian: Security Advisory (DLA-247-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : nrpe (SUSE-SU-2023:0586-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0586-1 advisory. - CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 bsc931600, bsc938906. Tenable has...

SUSE-SU-2023:0586-1 Security update for nrpe

This update for nrpe fixes the following issues: - CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 bsc931600, bsc938906...

K16674: TLS vulnerability CVE-2015-4000

Security Advisory Description The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE...

SUSE CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...