Nortel response to Sun Alert 200858 - Security Vulnerability in Solaris 10 OpenSSL SSL_get_shared_ciphers() Function
| Description: |
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1 Sun Microsystems has recently issued Sun Alert 2000858 - Security Vulnerability in Solaris 10 OpenSSL SSL_get_shared_ciphers() Function. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. This bulletin addresses the following potential vulnerability: A security vulnerability in the SSL_get_shared_ciphers() function within the OpenSSL library shipped with Solaris 10 may affect applications which make use of this function. The exact impact will vary depending on the way this function is used by the application. For example, if the application communicates with remote hosts and makes use of the SSL_get_shared_ciphers() function, it may be possible for a local or remote user to execute arbitrary code with the privileges of the impacted application or to cause the application to crash, which is a type of Denial of Service (DoS). Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories |
| Type: |
Security Advisories |
| Number: |
2008008707, Rev 1 |
| Status: |
Retired |
| Date: |
2008-12-01 |
