UPDATE Vulnerability in SSLv3 affects AIX

IBM SECURITY ADVISORY First Issued: Wed Jun 17 09:52:06 CDT 2015 |Updated: Fri Jun 26 15:52:00 CDT 2015 |Update: Added clarification that the sendmail fixes only apply when |using the SSL-enabled sendmail binary, /usr/sbin/sendmail_ssl The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc ftp://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc Security Bulletin: Vulnerability in SSLv3 affects ftpd, sendmail,…

Read More

Vulnerability in SSLv3 affects AIX

IBM SECURITY ADVISORY First Issued: Wed Jun 17 09:52:06 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc ftp://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc Security Bulletin: Vulnerability in SSLv3 affects ftpd, sendmaild, imapd, and popd on AIX (CVE-2014-3566) =============================================================================== SUMMARY: SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded…

Read More

Security Bulletin: Vulnerability in SSLv3 affects TS3500 (CVE-2014-3566)

Security Bulletin Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in TS3500. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. A remote user…

Read More