PT-2015-4700 · Rsa+1 · Rsa Bsafe Ssl-J+1

Publicado

2015-08-20

Atualizado

2021-12-14

CVE-2015-0536

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions EMC RSA BSAFE Micro Edition Suite (MES) versions 4.0.x through 4.0.7 EMC RSA BSAFE Micro Edition Suite (MES) versions 4.1.x through 4.1.2 RSA BSAFE SSL-C versions 2.8.9 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This occurs when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, and a ClientKeyExchange message with a length of zero is sent.

Recommendations For EMC RSA BSAFE Micro Edition Suite (MES) versions 4.0.x through 4.0.7, update to version 4.0.8 or later. For EMC RSA BSAFE Micro Edition Suite (MES) versions 4.1.x through 4.1.2, update to version 4.1.3 or later. For RSA BSAFE SSL-C versions 2.8.9 and earlier, update to a version later than 2.8.9.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2015-0536

Produtos afetados

Emc Rsa Bsafe Micro Edition Suite

Rsa Bsafe Ssl-J

PT-2015-4700 · Rsa+1 · Rsa Bsafe Ssl-J+1

CVE-2015-0536

Identificadores relacionados

Produtos afetados

Referências · 3