Denial of Service via SSL/TLS Handshake in Hitachi Cosminexus Software
CVE-2007-5281

Currently unrated

Key Information:

Vendor
Hitachi
Status
Ucosminexus Operator
Ucosminexus Application Server Standard
Ucosminexus Developer Professional
Ucosminexus Service Architect
Vendor
CVE Published:
9 October 2007

Summary

The Java Secure Socket Extension (JSSE) in various versions of the Hitachi Cosminexus Developer's Kit for Java is susceptible to a denial of service attack. When utilizing JSSE for SSL/TLS support, malicious remote attackers can exploit specific SSL/TLS handshake requests to disrupt service availability. This vulnerability primarily affects versions prior to 07-50-01 of Hitachi Cosminexus 7.5, potentially impacting system integrity and user accessibility.

References

http://www.securityfocus.com/bid/25935
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2007/3375
vdb-entryx_refsource_VUPEN
http://www.hitachi-support.com/security_e/vuls_e/HS07-031...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.