BSA-2017-259
Summary
Security Advisory ID : BSA-2017-259
Component : Weak ciphers such as RC4-MD5
Revision : 1.0: Interim
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash.
Affected Products
Product | Current Assessment |
---|---|
Brocade ServerIron ADX | Impacted: Fixed in 12.5.02n. |
Brocade Virtual ADX | Impacted: Fixed in 4.0.00f. |
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network OS, Brocade Services Director, Brocade SLX-OS, and Brocade Virtual Web Application Firewall are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | May 2, 2017 |