Boletines de Vulnerabilidades

Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL

Información sobre el sistema
   
Software afectado IBM

Descripción
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL CVE(s): CVE-2010-5298 Affected product(s) and affected version(s): AIX 5.3, 6.1 and 7.1 VIOS 2.X Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://aix.software.ibm.com/aix/efixes/security/openssl_advisory8.asc X-Force Database: http://xforce.iss.net/xforce/xfdb/92632

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/race_condition_in_the_ssl3_read_bytes_function_in_s3_pkt_c_in_openssl?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2010-5298 and CVE-2014-0935.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-06-13

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT