IBM GSKit could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. This vulnerability is known as the SWEET32 Birthday attack.
CVE(s): CVE-2016-2183
Affected product(s) and affected version(s):
IBM Tivoli Directory Server 6.2 and 6.3
IBM Security Directory Server 6.3.1 and 6.4
IBM Security Directory Suite 8.0 and 8.0.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2zTVIS0
X-Force Database: http://ift.tt/2dR3VyC
The post IBM Security Bulletin: A vulnerability has been addressed in the GSKit component of IBM Security Directory Server (CVE-2016-2183) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2zTVJp2
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.