IBM Global Security Kit 7 < / 8.0.14.x < / 8.0.50.x < Multiple Vulnerabilities (Linux)

low Nessus Plugin ID 74288


The remote Linux host has a library installed that is affected by multiple vulnerabilities.


The remote Linux host has a version of IBM Global Security Kit prior to / / It is, therefore, affected by the following vulnerabilities :

- An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076)

- A denial of service vulnerability exists which an attacker can exploit by sending a specially crafted SSL request to cause the host to become unresponsive.


Apply GSKit / / or later or apply the appropriate patch referenced in the advisory.

See Also

Plugin Details

Severity: Low

ID: 74288

File Name: ibm_gskit_8_0_50_20_linux.nasl

Version: 1.6

Type: local

Agent: unix

Family: General

Published: 6/3/2014

Updated: 10/15/2020

Configuration: Enable paranoid mode

Supported Sensors: Nessus Agent

Risk Information

CVSS Score Source: CVE-2014-0076


Risk Factor: Low

Score: 3.6


Risk Factor: Low

Base Score: 1.9

Temporal Score: 1.4

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:global_security_kit

Required KB Items: installed_sw/IBM GSKit, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 5/1/2014

Vulnerability Publication Date: 2/24/2014

Reference Information

CVE: CVE-2014-0076, CVE-2014-0963

BID: 66363, 67238