IBM Security Bulletin: Vulnerability in GSKit affects IBM Tivoli Directory Server and IBM Security Directory Server for AIX (CVE-2016-2183)

There is a vulnerability in GSKit that impacts IBM Tivoli Directory Server and IBM Security Directory Server for AIX.

CVE(s): CVE-2016-2183

Affected product(s) and affected version(s):

        AIX 5.3, 6.1, 7.1, 7.2
        VIOS 2.2.x

        The following levels are vulnerable if the respective IBM Tivoli
        Directory Server or IBM Security Directory Server version is 
        installed:
        For ITDS 6.2:     Less than 6.2.0.52
        For ITDS 6.3.0:   Less than 6.3.0.45
        For ISDS 6.3.1:   Less than 6.3.1.20
        For ISDS 6.4.0:   Less than 6.4.0.11
        
        Note: To find out whether the affected ITDS or ISDS filesets are  
        installed on your systems, refer to the lslpp command found in AIX
        user's guide.

        Example:  lslpp -L | grep -i itds

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2f38Vim
X-Force Database: http://ift.tt/2dR3VyC

The post IBM Security Bulletin: Vulnerability in GSKit affects IBM Tivoli Directory Server and IBM Security Directory Server for AIX (CVE-2016-2183) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2xPcJLU