TLS Vulnerability in IBM Tivoli and Security Directory Servers
CVE-2015-0138

Currently unrated

Key Information:

Vendor

IBM
Status
Tivoli Directory Server
Vendor
CVE Published:
25 March 2015

What is CVE-2015-0138?

A vulnerability exists in the GSKit component of IBM Tivoli Directory Server and IBM Security Directory Server that improperly restricts TLS state transitions. This flaw allows remote attackers to exploit the system through crafted TLS traffic, facilitating cipher-downgrade attacks to weaker EXPORT_RSA ciphers. These transitions are related to known issues like the 'FREAK' vulnerability, impacting the security of encrypted communications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://rhn.redhat.com/errata/RHSA-2015-1007.html
vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/73326
vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2015-1006.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.