NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Secunia Advisories> 2003-q2

[sec-adv] Stonesoft StoneBeat and StoneGate OpenSSL Vulnerabilities

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue May 06 2003 - 03:55:22 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Stonesoft StoneBeat and StoneGate OpenSSL Vulnerabilities

READ ONLINE:
http://www.secunia.com/advisories/8731/

CRITICAL:
Less critical

IMPACT:
Exposure of sensitive information

WHERE:
From remote

SOFTWARE:
Stonesoft StoneGate High Availability 2.x
Stonesoft StoneBeat WebCluster 2.x
Stonesoft StoneBeat SecurityCluster 2.x
Stonesoft StoneBeat FullCluster 2.x
Stonesoft StoneBeat FullCluster 3.x

DESCRIPTION:
Stonesoft has reported that some of their products are affected by
three recently discovered information disclosure vulnerabilities in
OpenSSL.

The vulnerabilities can be exploited by malicious people to gain
knowledge of the pre-master secret, a server's private key, or a used
plaintext block in a SSL/TLS session.

For more information:
http://www.secunia.com/advisories/8101/
http://www.secunia.com/advisories/8330/
http://www.secunia.com/advisories/8360/

SOLUTION:
Upgrade StoneGate engine to version 2.0.9.

According to Stonesoft, the new version will be shipped automatically
to all customers with valid support and maintenance contracts.

Patches will be available for all StoneBeat clustering products at:
http://www.stonesoft.com/download/

ORIGINAL ADVISORY:
http://www.stonesoft.com/document/art/2949.html

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]