Hotfix Resolves Network DLP Vulnerabilities

​Two vulnerabilities in Network DLP have been discovered and resolved.

AFFECTED SOFTWARE

• Network DLP 9.3.4.1 and higher

REMEDIATED/PATCHED VERSIONS
The vulnerability is remediated in these versions:

• Network DLP 9.3.4.1.2 + Hotfix 1146411

IMPACT

• CVE-2015-2808 (CVSS: 6.3; Severity: Medium) The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, also known as the "Bar Mitzvah" issue.

• CVE-2008-5161 (CVSS: 2.2; Severity: Low) Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

RECOMMENDATION
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10163, Security Bulletin: Network Data Loss Prevention update fixes CVE-2015-2808 and CVE-2008-5161
 ( https://kc.mcafee.com/corporate/index?page=content&id=SB10163)