IBM Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449)
|
System information
|
| |
|
|
Affected software |
IBM |
Description
|
The IBM Security Network Intrusion Prevention System can be affected by three vulnerabilities in OpenSSL. These vulnerabilities include crafting invalid TLS handshake to crash OpenSSL, using a flaw in Datagram TLS(DTLS) handling to crash an application and using a flaw to crash an application with TLS 1.2. CVE(s): CVE-2013-4353, CVE-2011-4576, CVE-2013-6450, CVE-2013-6449 and CVE-2012-2131 Affected product(s) and affected version(s): Products: GX3002, GX4002, GX4004, GX4004-v2, GX5008,
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_security_network_intrusion_prevention_system_can_be_affected_by_vulnerabilities_in_openssl_cve_2013_4353_cve_2013_6450_and_cve_2013_6449?lang=en_us |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2013-4353 ,CVE-2011-4576 ,CVE-2013-6450 ,CVE-2013-6449 ,CVE-2014-0839 ,CVE-2014-0840 ,CVE-2014-0842 ,CVE-2014-0843 ,CVE-2014-0853 ,CVE-2014-0855 and CVE-2012-2131. |
