|
Home > Archive > WebSphere HTTP Server > January 2006 > OpenSSL ASN.1 Parsing Vulnerabilities in IBM HttpServer 6
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
OpenSSL ASN.1 Parsing Vulnerabilities in IBM HttpServer 6
|
|
|
| Hi there.
How do I patch our IBM HttpServer 6.0.2.3 so that this error is resolved? Our security certification company will not give us a high rating until this has been resolved....
The latest (6.0.2.5) does not seem to include any fixes for the IBM Httpserver....
This is the details of the vulnerability:
OpenSSL ASN.1 Parsing Vulnerabilities
Bugtraq ID: 8732
Class: Unknown
CVE: CAN-2003-0543, CAN-2003-0544, CAN-2003-054, CAN-2005-1730
Thanks - Christian
| |
|
| "
IBM has released APARS to address these issues in IBM HTTP server. Customers
are advised to apply an appropriate APAR as soon as possible. Please see the
referenced advisory (MSS-OAR-E01-2004.0422.1), for further details regarding
obtaining and applying an appropriate APAR. APARS are linked below.
"
http://www.securityfocus.com/bid/8732/solution
|
|
|
|
|