IBM Security Bulletin: Vulnerabilities in GSKit affect IBM® DB2® (CVE-2015-0138, CVE-2015-0159 and CVE-2014-6221)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
GSKit is an IBM component that is used by IBM DB2. The GSKit that is shipped with IBM DB2 contains multiple security vulnerabilities including the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. IBM DB2 has addressed the applicable CVEs. CVE(s): CVE-2015-0138, CVE-2015-0159 and CVE-2014-6221 Affected product(s) and affected version(s): Customers who have Secure Sockets Layer (SSL) support enabled in their DB2 database system are
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_gskit_affect_ibm_db2_cve_2015_0138_cve_2015_0159_and_cve_2014_6221?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-0138 ,CVE-2015-0159 ,CVE-2014-6221 ,CVE-2015-1896 ,CVE-2015-0180 ,CVE-2015-0160 ,CVE-2015-0161 ,CVE-2015-0168 ,CVE-2015-0169 ,CVE-2015-0170 and CVE-2015-0171. |