Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
The IBM Security Network Intrusion Prevention System can be affected by three vulnerabilities in OpenSSL. These vulnerabilities include crafting invalid TLS handshake to crash OpenSSL, using a flaw in Datagram TLS(DTLS) handling to crash an application and using a flaw to crash an application with TLS 1.2. CVE(s): CVE-2013-4353, CVE-2011-4576, CVE-2013-6450, CVE-2013-6449 and CVE-2012-2131 Affected product(s) and affected version(s): Products: GX3002, GX4002, GX4004, GX4004-v2, GX5008, More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_security_network_intrusion_prevention_system_can_be_affected_by_vulnerabilities_in_openssl_cve_2013_4353_cve_2013_6450_and_cve_2013_6449?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2013-4353 ,CVE-2011-4576 ,CVE-2013-6450 ,CVE-2013-6449 ,CVE-2014-0839 ,CVE-2014-0840 ,CVE-2014-0842 ,CVE-2014-0843 ,CVE-2014-0853 ,CVE-2014-0855 and CVE-2012-2131. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-03-04 |