ZenLB Security Advisory for OpenSSL 3rdMay vulnerabilities

Zen-load-balancer-Security-advisory
4 May, 2016 | Announces, Technical

Dear Zen Master,

Yesterday 3rd of May, it was released a set of OpenSSL vulnerabilities (2 of them with high severity) where a Man In The Middle attack could decrypt traffic when the SSL connection uses certain ciphers. More information here.

ZSecAdv OpenSSL 3rd May

In detail, the vulnerabilities released and checked for Zen Load Balancer Editions are:

  • Memory corruption in the ASN.1 encoder (CVE-2016-2108) – Severity High
  • Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) – Severity High
  • EVP_EncodeUpdate overflow (CVE-2016-2105) – Severity Low
  • EVP_EncryptUpdate overflow (CVE-2016-2106) – Severity Low
  • ASN.1 BIO excessive memory allocation (CVE-2016-2109) – Severity Low
  • EBCDIC overread (CVE-2016-2176) – Severity Low

Zen Load Balancer Enterprise & Community Editions needs the OpenSSL updates that we provide with any of our Support Plans. Please contact with us for any doubt.

Enjoy a secured Load Balancing!

SHARE ON:

Related Blogs

Posted by reluser | 27 November 2024
We are thrilled to announce the release of RELIANOID 8.2.0 (Enterprise Edition), packed with advanced features, essential improvements, and critical security fixes to enhance performance, usability, and resilience. Changelog New…
55 LikesComments Off on RELIANOID Load Balancer Enterprise Edition v8.2 Release Notes
Posted by reluser | 15 November 2024
If your business or project relies on Debian through AWS Marketplace, take note! AWS recently announced the retirement of Debian 10 “Buster” from its Marketplace offerings, effective as of November…
79 LikesComments Off on Debian 10 Buster Retiring on AWS Marketplace: Time to Upgrade to Debian 12
Posted by reluser | 13 November 2024
We are thrilled to announce the release of RELIANOID 7.5.0 (Community Edition), bringing vital new features, enhancements, and essential bug fixes to further elevate the user experience and security capabilities…
78 LikesComments Off on RELIANOID Load Balancer Community Edition v7.5 Release Notes