Back to search
CVE-2012-2191
Published: Aug 8, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows remote attackers to cause a denial of service (application crash) via crafted values in the TLS Record Layer, a different vulnerability than CVE-2012-2333.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
IV31980
vendor-advisory
x_refsource_AIXAPAR
51279
third-party-advisory
x_refsource_SECUNIA
rds-recordlayer-dos(75996)
vdb-entry
x_refsource_XF
54743
vdb-entry
x_refsource_BID
IV31981
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21606145
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now