|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA11178] Stonesoft Multiple Products OpenSSL Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Mar 22 2004 - 04:04:51 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Stonesoft Multiple Products OpenSSL Vulnerability
SECUNIA ADVISORY ID:
SA11178
VERIFY ADVISORY:
http://secunia.com/advisories/11178/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
SOFTWARE:
Stonesoft StoneBeat FullCluster 3.x
Stonesoft StoneBeat FullCluster 2.x
Stonesoft StoneBeat SecurityCluster 2.x
Stonesoft StoneBeat WebCluster 2.x
Stonesoft StoneGate High Availability 2.x
DESCRIPTION:
Stonesoft has reported that some products may be affected by a
vulnerability in the OpenSSL implementation. This can potentially be
exploited by malicious people to cause a DoS (Denial-of-Service).
For more information:
SA11139
SOLUTION:
The vulnerability will be fixed in the following versions of the
StoneGate engine:
* StoneGate engine 2.2.5 for Intel platform
* StoneGate engine 2.2.5 for IBM zSeries platform
* StoneGate engine 2.0.12 for SPARC platform
A patch will be released for all StoneBeat clustering products.
Restrict access to SSL-based services, allowing only trusted IP
addresses to connect.
ORIGINAL ADVISORY:
http://www.stonesoft.com/document/art/3123.html
OTHER REFERENCES:
SA11139:
http://secunia.com/advisories/11139/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]