Vulnerabilities in OpenSSL affect AIX

SUMMARY: OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by AIX. AIX has addressed the applicable CVEs. =============================================================================== VULNERABILITY DETAILS: CVEID: CVE-2015-3197 DESCRIPTION: A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been…

Read More

UPDATE Multiple Security vulnerabilities in AIX OpenSSL

IBM – My notifications IBM SECURITY ADVISORY First Issued: Wed Jul 15 00:20:05 CDT 2015 | Updated: Wed Aug 12 05:13:23 CDT 2015 | Update: A new ifix for Power8 machines having OpenSSL v1.0.1.514 has been added | Update: “A. FIXES” section. The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc https://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc ftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc…

Read More

Vulnerability in Diffie-Hellman ciphers affects sendmail on AIX

IBM SECURITY ADVISORY First Issued: Fri Aug  7 15:15:59 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory.asc https://aix.software.ibm.com/aix/efixes/security/sendmail_advisory.asc ftp://aix.software.ibm.com/aix/efixes/security/sendmail_advisory.asc Security Bulletin:  Vulnerability in Diffie-Hellman ciphers affects sendmail on AIX (CVE-2015-4000) =============================================================================== SUMMARY: The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects sendmail when using the…

Read More