Security Bulletin: GSKit SSL/TLS Record Length vulnerability in Tivoli Access Manager for e-business (CVE-2012-2191)
IBM PSIRT 270004PFE3 email@example.com | | Tags:  psirtmedium psirtsecurity
0 Comments | 348 Visits
A vulnerability has been identified in the GSKit component utilized by Tivoli Access Manager for e-business (TAM). A specifically crafted malformed SSL/TLS data packet can cause the TAM server component using GSKit to segmentation fault.. Remediation for the issue consists of upgrading affected GSKit 7 versions to version 18.104.22.168 or higher following the instructions at the end of this bulletin.
Affected product(s) & Affected version(s):
All supported Tivoli Access Manager versions are affected if they use GSKit 7.0.x.x builds before and including 22.214.171.124
Refer to the following reference URLs for remediation and additional vulnerability details.