195 matches found
EUVD-2017-10320
Malware in sbrugna...
EUVD-2018-12361
Malware in sbrugna...
EUVD-2016-0427
Malware in sbrugna...
EUVD-2018-12362
Malware in sbrugna...
EUVD-2016-4058
Malware in sbrugna...
Security Bulletin: IBM Spectrum Scale (GPFS) Hadoop connector is affected by a security vulnerability (CVE-2022-25168)
Summary A security vulnerability has been identified in the IBM Spectrum Scale GPFS Hadoop connector which could allow a local authenticated attacker to execute arbitrary commands on the system. Fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2022-25168 DESCRIPTION: Apach...
Security Bulletin: IBM Storwize V7000 Unified Fix Available for Storwize V7000 Cross Protocol Vulnerability (CVE-2013-0500)
Abstract IBM Storwize V7000 Unified includes a flaw in the handling of special files created by an NFS client resulting in a vulnerability reported against IBM Storwize V7000 Unified. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0500 DESCRIPTION: A flaw in the IBM Storwize V7000 Unified code f...
Security Bulletin: IBM SONAS Fix Available for SONAS Cross Protocol Vulnerability (CVE-2013-0500)
Abstract IBM SONAS includes a flaw in the handling of special files created by an NFS client resulting in a vulnerability reported against IBM SONAS. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0500 DESCRIPTION: A flaw in the IBM SONAS code for handling special files in particular character a...
Security Bulletin: IBM Transparent Cloud Tiering is affected by a vulnerability in Apache Commons IO ( CVE-2021-29425)
Summary apache commons IO is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the...
Security Bulletin: Vulnerability in SSLv3 affects GPFS V3.5 for Windows (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in GPFS V3.5 for Windows Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...
Security Bulletin: GPFS V3.5 for Windows is affected by OpenSSL vulnerabilities (CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508, CVE-2014-5139)
Summary Security vulnerabilities have been identified in the level of OpenSSL that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSL could allow a remote attacker to : - Cause a denial of service CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507...
Security Bulletin: IBM Spectrum Scale V4.1.1, IBM GPFS V4.1, and IBM V3.5 for AIX are affected by a security vulnerability (CVE-2015-7403)
Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.1.1, IBM GPFS V4.1 and V3.5 that could allow a local attacker to cause the node they are on to crash. Vulnerability Details CVEID: CVE-2015-7403 DESCRIPTION: IBM General Parallel File System is...
Security Bulletin: Vulnerabilities in Open Secure Shell for GPFS V3.5 on Windows (CVE-2014-2653, CVE-2014-2532)
Summary Security vulnerabilities have been identified in the level of OpenSSH that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSH could allow a remote attacker to bypass security restrictions caused by: - CVE-2014-2653 an error in the SSH client when...
Security Bulletin: Vulnerabilities in OpenSSL affect GPFS V3.5 for Windows (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by GPFS V3.5 for Windows. GPFS V3.5 for Windows has addressed the applicable CVEs...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM GPFS V3.5
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015, January 28, 2016, and March 1, 2016 by the OpenSSL Project. OpenSSL is used by GPFS for Windows V3.5. GPFS for Windows V3.5 has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)
Summary Security vulnerabilities have been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow: - a local attacker to execute commands as root by setting environment variables processed by setuid programs CVE-2016-2985 - a local attacker to execute commands as root by...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM GPFS for Windows (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM GPFS for Windows V3.5 Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properl...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2015-4974, CVE-2015-4981)
Summary Security vulnerabilities have been identified in the current levels of IBM Spectrum Scale V4.1.1, IBM GPFS V4.1 and V3.5: - could allow a local non privileged attacker to execute commands with root privileges CVE-2015-4974 - could allow a local non privileged attacker to read system...
Security Bulletin: Vulnerabilities in OpenSSL affect GPFS V3.5 for Windows (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)
Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by GPFS V3.5 for Windows. GPFS V3.5 for Windows has addressed the applicable CVEs and included the SSL 3.0 Fallback protection...
Security Bulletin: IBM General Parallel File System V4.1 is affected by a security vulnerability (CVE-2015-1890)
Summary A security vulnerability has been identified in GPFS V4.1 where the private key of TLS client certificates used by GPFS nodes may be contained in a gpfs.snap file CVE-2015-1890. Vulnerability Details CVEID: CVE-2015-1890 DESCRIPTION: IBM General Parallel File System could allow someone wh...