SecuritySpace - CVE-2017-5872

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-5872

Description: The TCP/IP networking module in Unisys ClearPath MCP systems with TCP- IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump.

Test IDs: 1.3.6.1.4.1.25623.1.0.140189

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-5872
BugTraq ID: 96782
http://www.securityfocus.com/bid/96782

CVE ID:	CVE-2017-5872
Description:	The TCP/IP networking module in Unisys ClearPath MCP systems with TCP- IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump.
Test IDs:	1.3.6.1.4.1.25623.1.0.140189
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5872 BugTraq ID: 96782 http://www.securityfocus.com/bid/96782