IBM Security Bulletin: BigFix Platform is vulnerable to OpenSSL denial of service attack

OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash.
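The class of boundary check described above, shown beside a hardened form. This is an added illustration, not OpenSSL's or IBM's code; the function names and the address values are constructed, and addresses are modelled as integers so the wraparound is well-defined.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Addresses are modelled as uintptr_t so the wraparound is defined unsigned
 * arithmetic. On real pointers, forming p + len beyond the end of the buffer
 * is undefined behaviour and a compiler may remove the check entirely. */

/* Flawed pattern: add the untrusted length to the cursor, then compare.
 * Returns 1 when the record is accepted as fitting in [p, limit). */
int fits_flawed(uintptr_t p, uintptr_t limit, size_t len)
{
    return !(p + (uintptr_t)len > limit);  /* p + len can wrap to a small value */
}

/* Hardened pattern: compare the length against the space that remains.
 * limit - p cannot wrap because p <= limit is checked first. */
int fits_hardened(uintptr_t p, uintptr_t limit, size_t len)
{
    return p <= limit && (uintptr_t)len <= limit - p;
}

int main(void)
{
    /* Constructed case: a 16-byte buffer that the allocator placed close to
     * the top of the address space (an assumption made for this example). */
    uintptr_t p = UINTPTR_MAX - 0x1f;
    uintptr_t limit = p + 16;
    size_t lens[] = { 8, 17, 0x40 };

    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len=%zu flawed=%d hardened=%d\n", lens[i],
               fits_flawed(p, limit, lens[i]),
               fits_hardened(p, limit, lens[i]));
    return 0;
}
```

The length 0x40 is four times the buffer size, yet the flawed check accepts it because the sum wraps past zero; the hardened check rejects it.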

CVE(s): CVE-2016-2177

Affected product(s) and affected version(s):

BigFix Platform 9.1

BigFix Platform 9.2

BigFix Platform 9.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2qaiGi8
X-Force Database: http://ift.tt/2aPXjQq

The post IBM Security Bulletin: BigFix Platform is vulnerable to OpenSSL denial of service attack appeared first on IBM PSIRT Blog.


