The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Tivoli Directory Server

computer vulnerability bulletin CVE-2015-1977

IBM Tivoli/Security Directory Server: directory traversal

Synthesis of the vulnerability

An attacker can traverse directories of IBM Tivoli/Security Directory Server, in order to read a file outside the service root path.
Impacted products: Security Directory Server, Tivoli Directory Server.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 12/07/2016.
Identifiers: 1986452, CVE-2015-1977, VIGILANCE-VUL-20068.

Description of the vulnerability

The IBM Tivoli/Security Directory Server product offers a web service.

However, user's data are directly inserted in an access path. Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories of IBM Tivoli/Security Directory Server, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2015-5174

Apache Tomcat: directory traversal of ServletContext

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application on the service, can traverse directories in ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Impacted products: Tomcat, Debian, BIG-IP Hardware, TMOS, HP-UX, QRadar SIEM, Tivoli Directory Server, Junos Space, Snap Creator Framework, openSUSE Leap, Oracle Communications, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 22/02/2016.
Identifiers: 1980693, 1981632, 1983989, bulletinjan2016, c05054964, c05150442, cpujul2018, CVE-2015-5174, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, JSA10838, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1432-01, RHSA-2016:1433-01, RHSA-2016:1434-01, RHSA-2016:1435-01, RHSA-2016:2045-01, RHSA-2016:2599-02, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18993.

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source with a Security Manager.

However, the getResource(), getResourceAsStream() and getResourcePaths() methods of ServletContext insert user's data directly in an access path. Sequences such as "/.." can thus be used by the web application to go in the upper directory.

An attacker, who is allowed to upload a malicious web application on the service, can therefore traverse directories in ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2015-5006

IBM Java: vulnerability

Synthesis of the vulnerability

A vulnerability of IBM Java was announced.
Impacted products: AIX, Domino, Notes, Security Directory Server, Tivoli Directory Server, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: document.
Creation date: 23/11/2015.
Identifiers: 1969620, 1971361, 1971479, 1974831, 1978806, CVE-2015-5006, RHSA-2015:2506-01, RHSA-2015:2507-01, RHSA-2015:2508-01, RHSA-2015:2509-01, SUSE-SU-2015:2166-1, SUSE-SU-2015:2168-1, SUSE-SU-2015:2168-2, SUSE-SU-2015:2182-1, SUSE-SU-2015:2192-1, SUSE-SU-2015:2216-1, SUSE-SU-2015:2268-1, SUSE-SU-2016:0113-1, VIGILANCE-VUL-18360.

Description of the vulnerability

A vulnerability of IBM Java was announced.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2015-4734 CVE-2015-4803 CVE-2015-4805

Oracle Java: several vulnerabilities of October 2015

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle Java.
Impacted products: DCFM Enterprise, FabricOS, Brocade Network Advisor, Brocade vTM, Debian, Fedora, AIX, Domino, Notes, IRAD, Security Directory Server, Tivoli Directory Server, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, JAXP, ePO, SnapManager, Java OpenJDK, openSUSE, openSUSE Leap, Java Oracle, JavaFX, Puppet, RHEL, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 26.
Creation date: 21/10/2015.
Identifiers: 1969620, 1971361, 1971479, 1973785, 1974831, 1978806, 1981838, 56203, 9010041, 9010044, BSA-2016-002, BSA-2016-004, CERTFR-2015-AVI-439, cpuoct2015, CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4868, CVE-2015-4871, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4901, CVE-2015-4902, CVE-2015-4903, CVE-2015-4906, CVE-2015-4908, CVE-2015-4911, CVE-2015-4916, DSA-3381-1, DSA-3381-2, DSA-3401-1, FEDORA-2015-27cfe187b5, FEDORA-2015-ce54f85a3e, NTAP-20150715-0001, NTAP-20151028-0001, openSUSE-SU-2015:1902-1, openSUSE-SU-2015:1905-1, openSUSE-SU-2015:1906-1, openSUSE-SU-2015:1971-1, openSUSE-SU-2016:0268-1, openSUSE-SU-2016:0270-1, openSUSE-SU-2016:0272-1, openSUSE-SU-2016:0279-1, RHSA-2015:1919-01, RHSA-2015:1920-01, RHSA-2015:1921-01, RHSA-2015:1926-01, RHSA-2015:1927-01, RHSA-2015:1928-01, RHSA-2015:2086-01, RHSA-2015:2506-01, RHSA-2015:2507-01, RHSA-2015:2508-01, RHSA-2015:2509-01, RHSA-2015:2518-01, SB10141, SUSE-SU-2015:1874-2, SUSE-SU-2015:1875-2, SUSE-SU-2015:2166-1, SUSE-SU-2015:2168-1, SUSE-SU-2015:2168-2, SUSE-SU-2015:2182-1, SUSE-SU-2015:2192-1, SUSE-SU-2015:2216-1, SUSE-SU-2015:2268-1, SUSE-SU-2016:0113-1, SUSE-SU-2016:0265-1, SUSE-SU-2016:0269-1, USN-2784-1, USN-2818-1, USN-2827-1, VIGILANCE-VUL-18149.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Java.

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4835]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4881]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4843]

An attacker can use a vulnerability of RMI, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4883]

An attacker can use a vulnerability of RMI, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4860]

An attacker can use a vulnerability of Serialization, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4805]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to trigger a denial of service (VIGILANCE-VUL-21214). [severity:3/4; CVE-2015-4844]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4901]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4868]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2015-4868]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4810]

An attacker can use a vulnerability of Libraries, in order to obtain or alter information. [severity:2/4; CVE-2015-4806]

An attacker can use a vulnerability of Libraries, in order to obtain or alter information. [severity:2/4; CVE-2015-4871]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; CVE-2015-4902]

An attacker can use a vulnerability of 2D, in order to obtain information. [severity:2/4; CVE-2015-4840]

An attacker can use a vulnerability of CORBA, in order to trigger a denial of service. [severity:2/4; CVE-2015-4882]

An attacker can use a vulnerability of JAXP, in order to obtain information. [severity:2/4; CVE-2015-4842]

An attacker can use a vulnerability of JGSS, in order to obtain information. [severity:2/4; CVE-2015-4734]

An attacker can use a vulnerability of RMI, in order to obtain information. [severity:2/4; CVE-2015-4903]

An attacker can use a vulnerability of JAXP, in order to trigger a denial of service. [severity:2/4; CVE-2015-4803]

An attacker can use a vulnerability of JAXP, in order to trigger a denial of service. [severity:2/4; CVE-2015-4893]

An attacker can use a vulnerability of JAXP, in order to trigger a denial of service. [severity:2/4; CVE-2015-4911]

An attacker can use a vulnerability of Security, in order to alter information. [severity:2/4; CVE-2015-4872]

An attacker can use a vulnerability of JavaFX, in order to obtain information. [severity:2/4; CVE-2015-4906]

An attacker can use a vulnerability of JavaFX, in order to obtain information. [severity:2/4; CVE-2015-4916]

An attacker can use a vulnerability of JavaFX, in order to obtain information. [severity:2/4; CVE-2015-4908]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2015-0209

OpenSSL: use after free via d2i_ECPrivateKey

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area in d2i_ECPrivateKey of OpenSSL, in order to trigger a denial of service, and possibly to execute code.
Impacted products: ArubaOS, ProxySG par Blue Coat, SGOS by Blue Coat, FabricOS, Brocade Network Advisor, Cisco ASR, AnyConnect VPN Client, Cisco ACE, ASA, AsyncOS, Cisco CSS, Cisco ESA, IOS XE Cisco, Cisco IPS, IronPort Email, IronPort Web, Nexus by Cisco, NX-OS, Prime Infrastructure, Cisco PRSM, Cisco Router, Secure ACS, Cisco CUCM, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, WebNS, Cisco WSA, Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, hMailServer, HP-UX, AIX, IRAD, Security Directory Server, Tivoli Directory Server, Tivoli Workload Scheduler, WebSphere MQ, Juniper J-Series, Junos OS, Junos Pulse, Junos Space, Junos Space Network Management Platform, Juniper Network Connect, NSM Central Manager, NSMXpress, Juniper SBR, Data ONTAP, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Solaris, pfSense, RHEL, Base SAS Software, SAS SAS/CONNECT, Slackware, Splunk Enterprise, SUSE Linux Enterprise Desktop, SLES, Nessus, Ubuntu, Unix (platform) ~ not comprehensive, WinSCP.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 09/03/2015.
Identifiers: 1698703, 1701334, 1902519, 1960491, 1964410, 55767, 7043086, 9010031, ARUBA-PSA-2015-007, c04679334, CERTFR-2015-AVI-089, CERTFR-2015-AVI-117, CERTFR-2015-AVI-146, CERTFR-2015-AVI-177, CERTFR-2015-AVI-259, CERTFR-2016-AVI-303, cisco-sa-20150320-openssl, cisco-sa-20150408-ntpd, cpuoct2017, CTX216642, CVE-2015-0209, DSA-3197-1, DSA-3197-2, FEDORA-2015-10047, FEDORA-2015-10108, FEDORA-2015-4300, FEDORA-2015-4303, FEDORA-2015-6855, FreeBSD-SA-15:06.openssl, HPSBUX03334, JSA10680, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-007, NTAP-20150323-0002, openSUSE-SU-2015:0554-1, openSUSE-SU-2015:1277-1, openSUSE-SU-2016:0640-1, RHSA-2015:0715-01, RHSA-2015:0716-01, RHSA-2015:0752-01, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, SA40001, SOL16301, SOL16302, SOL16317, SOL16319, SOL16320, SOL16321, SOL16323, SPL-98351, SPL-98531, SSA:2015-111-09, SSRT102000, SUSE-SU-2015:0541-1, SUSE-SU-2015:0553-1, SUSE-SU-2015:0553-2, SUSE-SU-2015:0578-1, TNS-2015-04, TSB16661, USN-2537-1, VIGILANCE-VUL-16341.

Description of the vulnerability

The OpenSSL product implements the Elliptic Curves algorithm.

However, the d2i_ECPrivateKey() function frees a memory area before reusing it.

An attacker can therefore force the usage of a freed memory area in d2i_ECPrivateKey() of OpenSSL, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2015-0138 CVE-2015-0204

OpenSSL, LibReSSL, Mono, JSSE: weakening TLS encryption via FREAK

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can force the Chrome, JSSE, LibReSSL, Mono or OpenSSL client to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Impacted products: Arkoon FAST360, ArubaOS, Avaya Ethernet Routing Switch, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, FabricOS, Brocade Network Advisor, Cisco ATA, AnyConnect VPN Client, Cisco ACE, ASA, AsyncOS, Cisco ESA, IOS by Cisco, IronPort Email, IronPort Web, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Prime Network Control Systems, Cisco PRSM, Cisco Router, Cisco IP Phone, Cisco MeetingPlace, Cisco WSA, Clearswift Email Gateway, Debian, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FortiClient, FortiGate, FortiGate Virtual Appliance, FortiOS, FreeBSD, Chrome, HPE NNMi, HP-UX, AIX, DB2 UDB, Domino, Notes, IRAD, Security Directory Server, Tivoli Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, Juniper J-Series, Junos OS, Junos Space, Junos Space Network Management Platform, NSM Central Manager, NSMXpress, Juniper SBR, McAfee Email Gateway, ePO, McAfee NTBA, McAfee NGFW, VirusScan, McAfee Web Gateway, Windows (platform) ~ not comprehensive, Data ONTAP, NetBSD, NetScreen Firewall, ScreenOS, Nodejs Core, OpenBSD, Java OpenJDK, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Internet Directory, Java Oracle, Solaris, Tuxedo, WebLogic, pfSense, Puppet, RHEL, Base SAS Software, SAS SAS/CONNECT, Slackware, Sophos AV, Splunk Enterprise, Stonesoft NGFW/VPN, stunnel, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: internet server.
Number of vulnerabilities in this bulletin: 2.
Creation date: 04/03/2015.
Revision date: 09/03/2015.
Identifiers: 122007, 1450666, 1610582, 1647054, 1698613, 1699051, 1699810, 1700225, 1700997, 1701485, 1902260, 1903541, 1963275, 1968485, 1973383, 55767, 7014463, 7022958, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04556853, c04679334, c04773241, CERTFR-2015-AVI-108, CERTFR-2015-AVI-117, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpuapr2017, cpujul2018, cpuoct2017, CTX216642, CVE-2015-0138, CVE-2015-0204, DSA-3125-1, FEDORA-2015-0512, FEDORA-2015-0601, FG-IR-15-007, FREAK, FreeBSD-SA-15:01.openssl, HPSBMU03345, HPSBUX03244, HPSBUX03334, JSA10679, MDVSA-2015:019, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-006, NetBSD-SA2015-007, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2016:0640-1, RHSA-2015:0066-01, RHSA-2015:0800-01, RHSA-2015:1020-01, RHSA-2015:1021-01, RHSA-2015:1091-01, SA40015, SA88, SA91, SB10108, SB10110, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SP-CAAANXD, SPL-95203, SPL-95206, SSA:2015-009-01, SSRT101885, SSRT102000, SUSE-SU-2015:1073-1, SUSE-SU-2015:1085-1, SUSE-SU-2015:1086-1, SUSE-SU-2015:1086-2, SUSE-SU-2015:1086-3, SUSE-SU-2015:1086-4, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, T1022075, USN-2459-1, VIGILANCE-VUL-16301, VN-2015-003_FREAK, VU#243585.

Description of the vulnerability

The TLS protocol uses a series of messages which have to be exchanged between the client and the server, before establishing a secured session.

Several cryptographic algorithms can be negotiated, such as algorithms allowed for USA export (less than 512 bits).

An attacker, located as a Man-in-the-Middle, can inject during the session initialization a message choosing an export algorithm. This message should generate an error, however some TLS clients accept it.

Note: the variant related to Windows is described in VIGILANCE-VUL-16332.

An attacker, located as a Man-in-the-Middle, can therefore force the Chrome, JSSE, LibReSSL, Mono or OpenSSL client to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-8730 CVE-2015-2774

Check Point, Cisco, IBM, F5, FortiOS: information disclosure via POODLE on TLS

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can decrypt a Terminating TLS session, in order to obtain sensitive information.
Impacted products: GAiA, CheckPoint IP Appliance, IPSO, CheckPoint Power-1 Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Smart-1, CheckPoint VSX-1, Cisco ACE, ASA, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiOS, DB2 UDB, Domino, Informix Server, Tivoli Directory Server, openSUSE, Solaris, Palo Alto Firewall PA***, PAN-OS, Ubuntu.
Severity: 3/4.
Consequences: data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/12/2014.
Revision date: 17/12/2014.
Identifiers: 1450666, 1610582, 1647054, 1692906, 1693052, 1693142, bulletinjul2017, CERTFR-2014-AVI-533, CSCus08101, CSCus09311, CVE-2014-8730, CVE-2015-2774, FEDORA-2015-12923, FEDORA-2015-12970, openSUSE-SU-2016:0523-1, sk103683, SOL15882, USN-3571-1, VIGILANCE-VUL-15756.

Description of the vulnerability

The VIGILANCE-VUL-15485 (POODLE) vulnerability originates from an incorrect management of SSLv3 padding.

The F5 BIG-IP product can be configured to "terminate" SSL/TLS sessions. However, even when TLS is used, this BIG-IP feature uses the SSLv3 function to manage the padding. TLS sessions are thus also vulnerable to POODLE.

The same vulnerability also impacts Check Point, Cisco, IBM and Fortinet products.

An attacker, located as a Man-in-the-Middle, can therefore decrypt a Terminating TLS session, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2014-6100

IBM Directory Server: Cross Site Scripting of Admin UI

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Admin UI of IBM Directory Server, in order to execute JavaScript code in the context of the web site.
Impacted products: Security Directory Server, Tivoli Directory Server.
Severity: 2/4.
Consequences: administrator access/rights, client access/rights.
Provenance: document.
Creation date: 20/10/2014.
Identifiers: 1686581, CVE-2014-6100, VIGILANCE-VUL-15508.

Description of the vulnerability

The IBM Directory Server product offers a web service.

However, it does not filter data fetched from the URLs before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in Admin UI of IBM Directory Server, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2013-6747

IBM GSKit: denial of service via SSL/TLS

Synthesis of the vulnerability

An attacker can send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service.
Impacted products: DB2 UDB, Informix Server, Security Directory Server, SPSS Modeler, Tivoli Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 30/01/2014.
Identifiers: 1610582, 1662902, 1665137, 1668664, 1670524, 1671732, 1673696, 1674047, 1674824, 1674825, CVE-2013-6747, VIGILANCE-VUL-14158.

Description of the vulnerability

The IBM Global Security Kit (GSKit) suite implements the support of SSL/TLS for several IBM applications.

However, a malformed certificate chain triggers an error.

An attacker can therefore send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2013-6329

IBM GSKit: denial of service via SSLv2

Synthesis of the vulnerability

An attacker can send malicious SSLv2 messages to applications using IBM GSKit, in order to trigger a denial of service.
Impacted products: Informix Server, Tivoli Directory Server.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 30/01/2014.
Identifiers: 1660436, 1660440, 1662362, 88939, BID-64249, CVE-2013-6329, VIGILANCE-VUL-14155.

Description of the vulnerability

The IBM Global Security Kit (GSKit) suite implements the support of SSL/TLS for several IBM applications.

However, the SSLv2 session resumption is incorrectly implemented.

An attacker can therefore send malicious SSLv2 messages to applications using IBM GSKit, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.