VULNERABILITIES / FIXES - September 12, 2012
by Carol~ - 9/12/12 8:53 AM
RSA BSAFE SSL-C Multiple Vulnerabilities
Release Date : 2012-09-12
Criticality level : Highly critical
Impact : Hijacking
Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch
Software: RSA BSAFE
EMC has acknowledged a weakness and a vulnerability in RSA BSAFE, which can be exploited by malicious people to disclose sensitive information, hijack a user's session, and potentially compromise an application using the library.
The weakness and the vulnerability are reported in RSA BSAFE SSL-C versions prior to 2.8.6.
Update to RSA BSAFE SSL-C version 2.8.6.