IBM Global Security Kit 7 < 184.108.40.206 / 8.0.14.x < 220.127.116.11 / 8.0.50.x < 18.104.22.168 Multiple Vulnerabilities
High Nessus Plugin ID 74287
The remote Windows host has a library installed that is affected by multiple vulnerabilities.
The remote Windows host has a version of IBM Global Security Kit prior to 22.214.171.124 / 126.96.36.199 / 188.8.131.52. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076) - A denial of service vulnerability exists which an attacker can exploit by sending a specially crafted SSL request to cause the host to become unresponsive. (CVE-2014-0963)
Apply GSKit 184.108.40.206 / 220.127.116.11 / 18.104.22.168 or later or apply the appropriate patch referenced in the advisory.