Mageia: Security Advisory (MGASA-2017-0041)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1150)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH

Summary Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter has addressed the following vulnerabilities in OpenSSL and OpenSSH. Vulnerability Details CVEID: CVE-2016-8858 DESCRIPTION: OpenSSH is vulnerable to a denial of service, caused by an error in the kexinputkexinit function...

Unauthenticated Access

Java SE and Java SE Embedded are vulnerable to unauthenticated access attacks. A remote user can exploit a flaw in the DSA implementation in the Libraries component of OpenJDK. The attacker may then be able to modify data on the target system and gain elevated privileges...

Security Bulletin: Vulnerabilitiy in OpenSSL affect IBM Storwize V7000 Unified

Summary Cross-protocol attack on TLS using SSLv2 Vulnerability Details OpenSSL is used in IBM Storwize V7000 Unified for providing communication security by encrypting data being transmitted. CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the incorrect u...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2016-6304, CVE-2016-6303, CVE-2016-2178, CVE-2016-6306 and CVE-2016-2183)

Summary OpenSSL is used by IBM Storwize V7000 Unified. IBM Storwize V7000 Unified has addressed the applicable CVEs. Vulnerability Details OpenSSL is used in IBM Storwize V7000 Unified for providing communication security by encrypting data being transmitted. CVEID: CVE-2016-6304 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities in Open Source openSSL affect IBM Security Identity Governance Appliance

Summary Vulnerabilities in Open Source openssl that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, ...)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTIO...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM MQ Appliance

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM MQ Appliance. IBM MQ Appliance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused...

RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2017:2469)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2469 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java...

Critical: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2017-1028)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrust...

OpenJDK: DSA implementation timing attack (Libraries, 8168728)

A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel...

Critical: java-1.7.0-openjdk

Issue Overview: It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. Th...

java security update

CentOS Errata and Security Advisory CESA-2017:0269 An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common...

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2017-791)

It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. CVE-2017-3241 This...

Critical: java-1.8.0-openjdk

Issue Overview: It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...

RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2017:0180)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

OpenJDK: DSA implementation timing attack (Libraries, 8168728)

A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel...