Denial of Service Vulnerability in IBM Global Security Kit
CVE-2013-6329

Currently unrated

Key Information:

Vendor: IBM
Status: Security Access Manager For Web; Content Manager Ondemand For Multiplatforms; Global Security Kit
Vendor: CVE Published:; 17 December 2013

Summary

The IBM Global Security Kit (GSKit) is susceptible to a Denial of Service (DoS) attack, where an adversary can exploit the SSLv2 session handshake process. By sending a crafted handshake during the resumption phase of an SSLv2 session, attackers can disrupt service, potentially leading to significant downtime for affected applications. This vulnerability may impact users of Content Manager OnDemand versions 8.5 and 9.0, making it essential for organizations to apply relevant security patches and updates to mitigate the risks associated with this exploit.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21659716

x_refsource_CONFIRM

http://secunia.com/advisories/56058

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 17, 2013
Vulnerability Reserved
Oct 31, 2013