Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Abonnez-vous gratuitement à notre NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Se désabonner

Vigil@nce - IBM AIX : Man-in-the-Middle of bos.net.tcp

septembre 2016 par Vigil@nce

This bulletin was written by Vigil@nce : https://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can act as a Man-in-the-Middle on a bos.net.tcp
software of IBM AIX, in order to read or write data in the session.

Impacted products : AIX.

Severity : 2/4.

Creation date : 27/07/2016.

DESCRIPTION OF THE VULNERABILITY

The IBM AIX product uses the TLS protocol, in order to create
secure sessions.

However, the default TLS version (1.0) used by bos.net.tcp
(client, server, imapd, pop3d and sendmail) is not the latest
available version (1.2), and this version is impacted by
Man-in-the-Middle attacks.

An attacker can therefore act as a Man-in-the-Middle on a
bos.net.tcp software of IBM AIX, in order to read or write data in
the session.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/IBM-AIX-Man-in-the-Middle-of-bos-net-tcp-20230


Voir les articles précédents

    

Voir les articles suivants