IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption of an SSLv2 session.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Content_manager_ondemand_for_multiplatforms | Ibm | 8.5 (including) | 8.5 (including) |
| Content_manager_ondemand_for_multiplatforms | Ibm | 9.0 (including) | 9.0 (including) |
| Global_security_kit | Ibm | - (including) | - (including) |
| Security_access_manager_for_web | Ibm | 6.0 (including) | 6.0 (including) |
| Security_access_manager_for_web | Ibm | 6.1 (including) | 6.1 (including) |
| Security_access_manager_for_web | Ibm | 6.1.1 (including) | 6.1.1 (including) |
| Security_access_manager_for_web | Ibm | 7.0 (including) | 7.0 (including) |
References
- http://secunia.com/advisories/56058
- http://www-01.ibm.com/support/docview.wss?uid=swg21659548
- http://www-01.ibm.com/support/docview.wss?uid=swg21659716
- http://www-01.ibm.com/support/docview.wss?uid=swg21659837
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88939
- http://secunia.com/advisories/56058
- http://www-01.ibm.com/support/docview.wss?uid=swg21659548
- http://www-01.ibm.com/support/docview.wss?uid=swg21659716
- http://www-01.ibm.com/support/docview.wss?uid=swg21659837
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88939