Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on

Question Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on Demand, and Azure on Demand. CVE-2016-2107, CVE-2016-2106, CVE-2016-2176 "Business Unit":"code":"BU059","label":"IBM Software w/o...

MiracleLinux 7 : openssl-1.0.1e-51.el7.5 (AXSA:2016-230:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-230:03 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-2107)

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability...

K07538415: Multiple OpenSSL vulnerabilities

Security Advisory Description On May 3, 2016, OpenSSL announced the discovery of the following vulnerabilities: CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 For the complete announcement from OpenSSL, refer to OpenSSL Security Advisory 3rd May 2016. Note :...

Security Bulletin: A vulnerability in OpenSSL affects the IBM FlashSystem models 840 and 900 (CVE-2016-2107)

Summary There is a vulnerability in open source OpenSSL to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of this vulnerability could allow a remote user with the ability to conduct a man-in-the-middle attack to decrypt traffic. Vulnerability Details CVEID:...

Security Bulletin: Security vulnerabilities have been identified in OpenSSL, IBM Java Runtime and the microcode shipped with the DS8000 Hardware Management Console (HMC)

Summary The updates indicated below have been released to address the following vulnerabilities: CVE-2016-2107 MITM attack in OpenSSL, CVE-2016-5547 Denial of service in IBM Runtime Environment Java™ CVE-2017-1123 Escalation of privilege in the DS8000 HMC Vulnerability Details CVEID: CVE-2016-210...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM InfoSphere Master Data Management Server (CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176)

Summary IBM WebSphere Application Server is shipped as a component of IBM InfoSphere Master Data Management Server . Information about a security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bullet...

Slackware: Security Advisory (SSA:2016-124-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108DESCRIPTION: OpenSSL could allow a remot...

Security Bulletin: A Vulnerability in OpenSSH and Multiple Vulnerabilities in OpenSSL affect IBM GPFS V3.5 for Windows

Summary OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied X11 authentication credentials by the sshd server. OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used ...

SUSE: Security Advisory (SUSE-SU-2016:1206-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1233-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

tkm.tanosakiaya.com Cross Site Scripting vulnerability OBB-1460038

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Security Bulletin: OpenSSL vulnerabilities in Node.js found on May 03, 2016 affect Rational Software Architect and Rational Software Architect for WebSphere Software (CVE-2016-2107, CVE-2016-2105)

Summary OpenSSL vulnerabilities were disclosed on May 03, 2016 by the OpenSSL Project. OpenSSL is used by Rational Software Architect and Rational Software Architect for WebSphere Software. The applicable CVEs have been addressed. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for HP NonStop (CVE-2016-2107, CVE-2016-2108)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Direct for HP NonStop. Sterling Connect:Direct for HP NonStop has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL could allo...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for UNIX (CVE-2016-2108, CVE-2016-2107).

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remo...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for Microsoft Windows (CVE-2016-2108, CVE-2016-2107)

Summary OpenSSL vulnerabilities were disclosed on 3 May 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker and IBM Integration Bus ( CVE-2016-2107,CVE-2016-2176)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. The DataDirect ODBC Drivers used by WebSphere Message Broker and IBM Integration Bus have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL could allow a remote...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling B2B Integrator. IBM Sterling B2B Integrator has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL could allow a remote attacker to...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM i (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by...