ZenLB Security Advisory for OpenSSL 3rdMay vulnerabilities

Zen-load-balancer-Security-advisory
Posted by Zevenet | 4 May, 2016 | Announces, Technical

Dear Zen Master,

Yesterday 3rd of May, it was released a set of OpenSSL vulnerabilities (2 of them with high severity) where a Man In The Middle attack could decrypt traffic when the SSL connection uses certain ciphers. More information here.

ZSecAdv OpenSSL 3rd May

In detail, the vulnerabilities released and checked for Zen Load Balancer Editions are:

  • Memory corruption in the ASN.1 encoder (CVE-2016-2108) – Severity High
  • Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) – Severity High
  • EVP_EncodeUpdate overflow (CVE-2016-2105) – Severity Low
  • EVP_EncryptUpdate overflow (CVE-2016-2106) – Severity Low
  • ASN.1 BIO excessive memory allocation (CVE-2016-2109) – Severity Low
  • EBCDIC overread (CVE-2016-2176) – Severity Low

Zen Load Balancer Enterprise & Community Editions needs the OpenSSL updates that we provide with any of our Support Plans. Please contact with us for any doubt.

Enjoy a secured Load Balancing!

SHARE ON:

Related Blogs

Posted by zenweb | 22 September 2021
We have recently witnessed a growing number of cyber-crimes prevailing in industries worldwide. While most regulatory and governing bodies are stepping up to prevent such incidents, it is yet evident…
LikesComments Off on 10 Importance of Information Security Audit
Posted by zenweb | 16 April 2021
ZEVENET is a smart company focused on the Application Delivery Controller market and really obsessed with the security in the delivery, for that reason we really know that today the…
182 LikesComments Off on ZEVENET Multi-Layered Security Overview in the Edge
Posted by zenweb | 23 March 2021
The world of the internet is full of people waiting to breach into your system. They want to get a grasp of your personal information and exploit it. This might…
182 LikesComments Off on Importance of Cybersecurity for Businesses