PT-2015-4700 · Rsa+1 · Rsa Bsafe Ssl-J+1

Published

2015-08-20

Updated

2021-12-14

CVE-2015-0536

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions EMC RSA BSAFE Micro Edition Suite (MES) versions 4.0.x through 4.0.7 EMC RSA BSAFE Micro Edition Suite (MES) versions 4.1.x through 4.1.2 RSA BSAFE SSL-C versions 2.8.9 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This occurs when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, and a ClientKeyExchange message with a length of zero is sent.

Recommendations For EMC RSA BSAFE Micro Edition Suite (MES) versions 4.0.x through 4.0.7, update to version 4.0.8 or later. For EMC RSA BSAFE Micro Edition Suite (MES) versions 4.1.x through 4.1.2, update to version 4.1.3 or later. For RSA BSAFE SSL-C versions 2.8.9 and earlier, update to a version later than 2.8.9.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2015-0536

Affected Products

Emc Rsa Bsafe Micro Edition Suite

Rsa Bsafe Ssl-J

PT-2015-4700 · Rsa+1 · Rsa Bsafe Ssl-J+1

CVE-2015-0536

Related Identifiers

Affected Products

References · 3