Yesterday 3rd of May, it was released a set of OpenSSL vulnerabilities (2 of them with high severity) where a Man In The Middle attack could decrypt traffic when the SSL connection uses certain ciphers. More information here.
In detail, the vulnerabilities released and checked for Zen Load Balancer Editions are:
Memory corruption in the ASN.1 encoder (CVE-2016-2108) – Severity High
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) – Severity High
ASN.1 BIO excessive memory allocation (CVE-2016-2109) – Severity Low
EBCDIC overread (CVE-2016-2176) – Severity Low
Zen Load Balancer Enterprise & Community Editions needs the OpenSSL updates that we provide with any of our Support Plans. Please contact with us for any doubt.
The distinction between penetration testing and vulnerability scanning is often blurred. However, understanding their nuanced disparities is crucial for organizations to tailor their security strategies effectively. While both methodologies contribute…
24 LikesComments Off on Key differences between Pen Testing & Vulnerability Scanning
We are thrilled to announce the release of RELIANOID 7.2.0 (Community Edition), a significant update that introduces new features, improvements, and bugfixes to enhance your load balancing experience. This release,…
59 LikesComments Off on Open Source Load Balancer RELIANOID CE v7.2.0 is released!
Load balancing is crucial for building reliable distributed systems, optimizing workload allocation across various computing resources like computers, clusters, and network links. Its aim is to enhance resource utilization, maximize…
68 LikesComments Off on Deep dive into Network Load Balancing and Proxying