Friday, December 9, 2016

IBM Security Bulletin: Vulnerabilities in OpenSSL, OpenVPN and GNU glibc affect IBM Security Virtual Server Protection for VMware

IBM Security Virtual Server Protection for VMware is affected by multiple vulnerabilities found in OpenSSL, OpenVPN and GNU glibc. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Virtual Server Protection for VMware. IBM Security Virtual Server Protection for VMware has addressed the applicable CVEs.

CVE(s): CVE-2016-6302, CVE-2016-6304, CVE-2016-6305, CVE-2016-6303, CVE-2016-2182, CVE-2016-2180, CVE-2016-2179, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2181, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-3706, CVE-2016-4429, CVE-2016-2177, CVE-2000-1254, CVE-2016-2178, CVE-2016-6323, CVE-2016-6329

Affected product(s) and affected version(s):

IBM Security Virtual Server Protection for VMware 1.1

IBM Security Virtual Server Protection for VMware 1.1.0.1

IBM Security Virtual Server Protection for VMware 1.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gkND2z
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR3VyC
X-Force Database: http://ift.tt/2fn8D82
X-Force Database: http://ift.tt/2dTp6vD
X-Force Database: http://ift.tt/2heDe5H
X-Force Database: http://ift.tt/2gkDPFG
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2gJ8WYq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2gkzkel
X-Force Database: http://ift.tt/2fCom3Z



from IBM Product Security Incident Response Team http://ift.tt/2gkGCPv
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)