Multiple Dell EMC Products are prone to an buffer-overflow vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application to cause denial-of-service conditions.
The following products are affected:
Dell EMC RSA BSAFE Micro Edition Suite versions 4.0.x prior to 4.0.11
Dell EMC RSA BSAFE Micro Edition Suite versions 4.1.x prior to 4.1.6
Dell EMC RSA BSAFE Crypto-C Micro Edition version 4.0.x prior to 4.0.5.3
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 108106 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2018-11058 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 28 2018 12:00AM |
| Updated: | Aug 28 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.1.3 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.1.2 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.1.1 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.0.5 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.0.4 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.0.3 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.0.2 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.0.1 Dell EMC RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) 4.0.4 Dell EMC RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) 4.0.3 Dell EMC RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) 4.0.2 Dell EMC RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) 4.0.1 Dell EMC RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) 4.0 |
| Not Vulnerable: | Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.1.6 Dell EMC RSA BSAFE Micro Edition Suite (MES) 4.0.11 Dell EMC RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) 4.0.5.3 |
References:
- DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple (Seclists.org)
- Dell Homepage (Dell)
from SecurityFocus Vulnerabilities https://ift.tt/2Ls4aRs
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.