374 matches found
Security Bulletin: IBM Flex System switch firmware products are affected by a vulnerability in OpenSSL (CVE-2019-1559)
Summary IBM Flex System switch firmware products have addressed the following OpenSSL vulnerability. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after t...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerability in PHP.
Summary The following vulnerability in PHP has been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2018-19518 DESCRIPTION: University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by...
Security Bulletin: IBM Flex System switch firmware products are affected by TCP denial of service vulnerabilities
Summary IBM Flex System switch firmware products have addressed the following TCP denial of service vulnerabilities. Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in libssh2
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilties in libssh2. Vulnerability Details CVEID: CVE-2019-3863 DESCRIPTION: A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length a...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2019-6978, CVE-2019-6977)
Summary The following vulnerabilities in PHP have been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2019-6978 DESCRIPTION: The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in Network Time Protocol (NTP)
Summary The following vulnerabilities in Network Time Protocol NTP have been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2020-11868 DESCRIPTION: NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet wit...
Security Bulletin: IBM Flex System switch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)
Summary IBM Flex System switch firmware products have addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0734 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in glib2, libxml2 and ntp
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in glib2, libxml2 and ntp. Vulnerability Details CVEID: CVE-2018-16429 DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by an out-of-bounds read in gmarkupparsecontextparse in...
Security Bulletin: Brocade Fabric OS (FOS) Advisory vulnerabilities affect Brocade 8Gb SAN Switch Module for BladeCenter and IBM Flex System FC5022 16Gb SAN Scalable Switch
Summary The following Brocade Fabric OS FOS vulnerabilities have been addressed by Brocade 8Gb SAN Switch Module for BladeCenter and IBM Flex System FC5022 16Gb SAN Scalable Switch. Vulnerability Details CVEID: CVE-2018-6442 DESCRIPTION: Broadcom Brocade Fabric OS could allow a remote authenticat...
Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to TianoCore EDK II BIOS Vulnerability (CVE-2018-12182)
Summary IBM has released the following Unified Extensible Firmware Interface UEFI fixes for System x and Flex systems in response to the TianoCore EDK II BIOS Vulnerability listed below. Vulnerability Details CVEID: CVE-2018-12182 DESCRIPTION: TianoCore EDK II BIOS could allow a local authenticat...
Security Bulletin: IBM Flex System switch firmware products are affected by information disclosure vulnerability (CVE-2014-8730)
Summary IBM Flex System switch firmware products have addressed the following TLS padding information disclosure vulnerability. Vulnerability Details CVEID: CVE-2014-8730 DESCRIPTION: Multiple F5 products could allow a remote attacker to obtain sensitive information, caused by the failure to chec...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in cURL (CVE-2018-14618 CVE-2018-16840 CVE-2018-16842)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in cURL. Vulnerability Details CVEID: CVE-2018-14618 DESCRIPTION: cURL libcurl is vulnerable to a buffer overflow, caused by an integer overflow flaw in the Curlntlmcoremknthash internal function in...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2018-17082 CVE-2018-14883 CVE-2018-14851 CVE-2017-9118)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in PHP. Vulnerability Details CVEID: CVE-2018-17082 DESCRIPTION: PHP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Apache2 component. A remote...
Security Bulletin: IBM Flex System switch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0732)
Summary IBM Flex System switch firmware products have addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server durin...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in GNU C Library (CVE-2015-5180 CVE-2017-15670 CVE-2017-15804)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in GNU C Library. Vulnerability Details CVEID: CVE-2015-5180 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a NULL pointer dereference in the resquery function in libresolv. By...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in procps
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in procps. Vulnerability Details CVEID: CVE-2018-1126 DESCRIPTION: procps-ng procps is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in OpenSLP (CVE-2017-17833)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerability in OpenSLP. Vulnerability Details CVEID: CVE-2017-17833 DESCRIPTION: OpenSLP, as used in multiple products, is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in php (CVE-2018-10548 CVE-2018-12882)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in php. Vulnerability Details CVEID: CVE-2018-10548 DESCRIPTION: PHP is vulnerable to a denial of service, caused by a NULL pointer dereference in ext/ldap/ldap.c. By sending specially crafted data, ...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in APR-util (CVE-2017-12613)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerability in APR-util. Vulnerability Details CVEID: CVE-2017-12613 DESCRIPTION: Apache Portable Runtime APR could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds array...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in OpenSSH (CVE-2018-15473 CVE-2018-15919)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in OpenSSH. Vulnerability Details CVEID: CVE-2018-15473 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by different responses to valid and invalid...