138 matches found
Security Bulletin:Vulnerability in OpenSSL affects IBM PureApplication System. (CVE-2015-1788)
Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. IBM PureApplication System uses GSKit in user registry components in the Web application pattern type and GPFS pattern type. IBM PureApplication System addressed the applicable CVE. Vulnerability...
Security Bulletin:A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM PureApplication System (CVE-2015-4947)
Summary IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Stack Buffer...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2015-2017)
Summary IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP response...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM PureApplication System. (CVE-2015-4000, CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, and CVE-2015-1931)
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 and 7, that is used by IBM PureApplication System. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attack on TLS connections using the...
Security Bulletin:A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM PureApplication System (CVE-2015-1283)
Summary IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Denial of service...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2015-7450)
Summary IBM WebSphere Application Server is shipped as a deployable component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin...
Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM PureApplication System. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM PureApplication System. IBM PureApplication System has addressed the...
Security Bulletin: Vulnerability in Open Source GNU glibc affects IBM OS Images for Red Hat Linux Systems. (CVE-2013-7423)
Summary A vulnerability in Open Source GNU glibc affects IBM OS Images for Red Hat Linux Systems. Vulnerability Details CVEID: CVE-2013-7423 DESCRIPTION: GNU glibc could allow a local attacker to obtain sensitive information, caused by the writing of DNS queries to random file descriptors under...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM PureApplication System. (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM PureApplication System. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM PureApplication System. (CVE-2015-2808, CVE-2015-0204, CVE-2015-1916, and CVE-2015-0138)
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 and 7, that is used by IBM PureApplication System. These issues were disclosed as part of the IBM Java SDK updates in April 2015. This bulletin also addresses FREAK: “Factoring Attack on RSA-EXPORT keys"...
Security Bulletin: IBM PureApplication System is affected by a security vulnerability. (CVE-2015-1890)
Summary A security vulnerability have been identified in the General Parallel File System gpfs.snap service tool that affects IBM PureApplication System. Vulnerability Details CVEID: CVE-2015-1890 DESCRIPTION: IBM General Parallel File System could allow someone who has access to a snap file...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems and AIX (CVE-2015-0410 and CVE-2014-6593)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition Version 6 and 7 that are used by IBM OS Images for Red Hat Linux Systems and AIX. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVEID: CVE-2015-0410 DESCRIPTION...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM PureApplication System (CVE-2015-0410 and CVE-2014-6593)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition Version 6 and 7 that are used by IBM PureApplication System. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVEID: CVE-2015-0410 DESCRIPTION: An unspecified...
Security Bulletin: Vulnerabilities in OpenSSL (CVE-2014-3508 and CVE-2014-3509) affect the virtual machines deployed by IBM PureApplication System.
Summary Nine OpenSSL vulnerabilities were disclosed in August 2014. This bulletin addresses the two vulnerabilities that are applicable to virtual machines which are deployed by IBM PureApplication System using the IBM OS Image for Red Hat Linux Systems and the IBM OS Image for AIX Systems...
Security Bulletin: TLS padding vulnerability affects IBM PureApplication System (CVE-2014-8730)
Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM PureApplication System. Vulnerability Details CVEID: CVE-2014-8730 DESCRIPTION: IBM PureApplication Server bundles IBM HTTP Server, which could allow a...
Security Bulletin: Vulnerabilities in OpenSSL affects IBM PureApplication System (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293)
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM PureApplication System. IBM PureApplication System has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0209 DESCRIPTION: OpenSSL could allow a remote attacker to...
Security Bulletin: Venom vulnerability affects IBM PureApplication System (CVE-2015-3456)
Summary IBM PureApplication System is vulnerable to Venom: "Virtualized Environment Neglected Operation Manipulation". Vulnerability Details CVEID: CVE-2015-3456 DESCRIPTION: QEMU is vulnerable to a buffer overflow, caused by improper bounds checking by the Floppy Disk Controller FDC emulation. B...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Image Construction and Composition Tool (CVE-2014-3566 and CVE-2014-6457)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM PureApplication System. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as part of the IBM...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM PureApplication System (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM PureApplication System. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit th...
Security Bulletin: Vulnerability in IBM Java SDK affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows. (CVE-2015-0138)
Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM SDK Java Technology Edition, Version 6 and IBM SDK Java Technology Edition, Version 7 that is used by IBM OS Images for Red Hat Linux Systems, AIX, and Windows. Vulnerability Details CVEID...