Security Bulletin: IBM Java Runtime Vulnerability Affects IBM Secure External Authentication Server (CVE-2020-2654)

Summary IBM Secure External Authentication Server has addressed the applicable vulnerability in IBM® Runtime Environment Java™ Version 1.8 . Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an...

Security Bulletin: Multiple Vulnerabilities affect IBM Sterling External Authentication Server

Summary Three Eclipse Jetty request smuggling vulnerabilities were addressed by IBM Sterling External Authentication Server. Vulnerability Details CVE-ID: CVE-2017-7656 Description: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a...

Security Bulletin: IBM Java Runtime Vulnerability Affects IBM Sterling External Authentication Server (CVE-2020-2781)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. IBM Sterling External Authentication Server has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An unspecified...

CVE-2020-4462

IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive...

CVE-2020-4462

IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive...

Xxe

IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive...

CVE-2020-4462

CVE-2020-4462 concerns IBM Sterling External Authentication Server and IBM Sterling Secure Proxy. The NVD and IBM advisories describe an XML External Entity (XXE) vulnerability when processing XML data that could allow a remote attacker to expose sensitive information or consume memory resources....

Security Bulletin: XML External Entity Injection (XXE) Vulnerability Affects IBM Secure External Authentication Server (CVE-2020-4462)

Summary An XXE vulnerability was addressed by IBM Secure External Authentication Server. Vulnerability Details CVEID: CVE-2020-4462 DESCRIPTION: IBM Sterling External Authentication Server and IBM Sterling Secure Proxy is vulnerable to an XML External Entity Injection XXE attack when processing X...

CVE-2013-0517

A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code...

CVE-2013-0517

IBM Sterling External Authentication Server (SEAS) is affected by CVE-2013-0517: an OS command can be executed via the Command Line Adapter when an administrator configures a system command. Impact: local attacker with admin privileges could run arbitrary OS commands, compromising confidentiality...

Security Bulletin: Multiple Vulnerabilities in IBM java Runtime Affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in January 2019. Vulnerability Details CVEID: CVE-2018-12547 DESCRIPTION: Eclipse OpenJ9 is...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling External Authentication Server (CVE-2016-3426, CVE-2016-3485)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java Runtime updates in April 2016 and July 2016. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in Jul 2017. Vulnerability Details CVEID: CVE-2017-10116 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling External Authentication Server (CVE-2015-7575, CVE-2016-0475, CVE-2015-4872, CVE-2015-5006)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java Runtime updates in October 2015 and January 2016 and include the...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in Oct 2016 and Jan 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Sterling Secure Proxy and Sterling External Authentication Server (CVE-2015-0488, CVE-2015-1916, CVE-2015-2808, CVE-2015-0478, CVE-2015-0204)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 1.7.0 that is used by Sterling Secure Proxy and Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVEI...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in October 2017 and January 2018. Vulnerability Details CVEID: CVE-2017-10356 DESCRIPTION: ...

hostapd Input Validation Error Vulnerability

hostapd is a user space daemon for access points and authentication servers. An input validation error vulnerability exists in 802.11w security state handling in hostapd version 2.6, which can be exploited by an attacker to cause a denial of service...

Fedora Update for hostapd FEDORA-2019-2265b5ae86

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: hostapd-2.9-2.fc31

hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the back-ground a nd acts as the backe...