‫ Attachmate Reflection 2011 / 2014 Multiple Products OpenSSL Security Issue and FTP Client Code Execution Vulnerabilities

IRCAD2014083453

ID: IRCAD2014083453

Release Date: 2014-08-07

Criticality level: Highly critical

Software:
Attachmate Reflection 2014
Attachmate Reflection for IBM 2014

Attachmate Reflection for UNIX and OpenVMS 2014

Attachmate Reflection Pro 2014
Attachmate Reflection X 2014
Reflection for IBM 2011
Reflection for UNIX and OpenVMS 2011
Reflection Standard Suite 2011
Description:

A security issue and multiple vulnerabilities have been reported in multiple Attachmate Reflection 2011 and 2014 products, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and compromise a user's system.

1) An error is caused due to a bundled vulnerable version of OpenSSL within the Reflection FTP Client.

2) Multiple errors exist within the Reflection FTP Client OLE Automation (COM/ActiveX) API.

The security issue and the vulnerabilities are reported in versions 15.6.1.698 and prior.

Solution

Update to version 15.6.1.706 or later.

References:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 21 مرداد 1393

امتیاز

امتیاز شما
تعداد امتیازها:0