EUVD-2015-3263

Malware in sbrugna...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM BladeCenter Switches (CVE-2015-7575)

Summary The MD5 "SLOTH" vulnerability on TLS 1.2 affects IBM BladeCenter Switches. Vulnerability Details Summary The MD5 "SLOTH" vulnerability on TLS 1.2 affects IBM BladeCenter Switches. Vulnerability Details CVE-ID: CVE-2015-7575 Description: The TLS protocol could allow weaker than expected...

K20219314: OpenSSL vulnerability CVE-2015-1794

Security Advisory Description The ssl3getkeyexchange function in ssl/s3clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service segmentation fault via a zero p value in an anonymous Diffie-Hellman DH ServerKeyExchange message. CVE-2015-1794 Impact There is no impac...

SUSE CVE-2014-3572

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message...

SUSE CVE-2015-1794

The ssl3getkeyexchange function in ssl/s3clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service segmentation fault via a zero p value in an anonymous Diffie-Hellman DH ServerKeyExchange message...

Mozilla Firefox Security Advisory (MFSA2015-71) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM License Metric Tool v7.5 & v7.2.2 and IBM Tivoli Asset Discovery for Distributed (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 5 that is used by IBM License Metric Tool v7.5 & v7.2.2 and IBM Tivoli Asset Discovery for Distributed. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January...

SUSE: Security Advisory (SUSE-SU-2015:1518-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Business Developer (CVE-2015-7575, CVE-2016-0466)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 that is used by Rational Business Developer. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerabili...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Systems Director Storage Control

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Technology Edition, Version 6 that is used by IBM Systems Director Storage Control. These issues was disclosed as part of the IBM Java updates for January 2016, July 2016 and October 2016. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Operations Analytics - Predictive Insights (CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 9 Fix Pack 20 that is used by IBM Operations Analytics - Predictive Insights. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition,Version 6.0, 7.0 that is used by IBM Tivoli Composite Application Manager for Transactions. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM MessageSight (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM MessageSight. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message durin...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM FileNet System Monitor/IBM Enterprise Content Management System Monitor (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM FileNet System Monitor/IBM Enterprise Content Management System Monitor Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Rational RequisitePro (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6 that is shipped with IBM WebSphere Application Server, which is needed for the RequisiteWeb component of Rational RequisitePro. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Ja...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM QRadar SIEM and Incident Forensics. (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6 and 7 that is used by IBM QRadar SIEM and Incident Forensics. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM Security Access Manager for Mobile (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM Security Access Manager for Mobile. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a...

Security Bulletin: Multiple Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jan 2016 - Includes Oracle Jan 2016 CPU + 3 IBM CVEs affects IBM Algo One - Core, Algo Risk Application, and Counterparty Credit Risk

Summary Java SE issues disclosed in the Oracle January 2016 Critical Path Update. Affects Algo One - Core, Algo Risk Application, and Counterparty Credit Risk. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision...

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-0483, CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary WebSphere Application Server WAS is shipped as a component of IBM Business Process Manager BPM and WebSphere Lombardi Edition WLE. Information about security vulnerabilities affecting WebSphere Application Server has been published in security bulletins. There are multiple vulnerabilities...

AIX bind Advisory : nettcp_advisory2.asc (IV86116) (IV86117) (IV86118) (IV86119) (IV86120) (IV86132)

The version of bind installed on the remote AIX host is affected by the following vulnerabilities : - The TLS protocol allows weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker can...