EUVD-2018-12361

Malware in sbrugna...

EUVD-2016-4058

Malware in sbrugna...

EUVD-2016-0427

Malware in sbrugna...

EUVD-2017-10320

Malware in sbrugna...

EUVD-2018-12362

Malware in sbrugna...

Security Bulletin: IBM Spectrum Scale (GPFS) Hadoop connector is affected by a security vulnerability (CVE-2022-25168)

Summary A security vulnerability has been identified in the IBM Spectrum Scale GPFS Hadoop connector which could allow a local authenticated attacker to execute arbitrary commands on the system. Fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2022-25168 DESCRIPTION: Apach...

Security Bulletin: IBM Storwize V7000 Unified Fix Available for Storwize V7000 Cross Protocol Vulnerability (CVE-2013-0500)

Abstract IBM Storwize V7000 Unified includes a flaw in the handling of special files created by an NFS client resulting in a vulnerability reported against IBM Storwize V7000 Unified. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0500 DESCRIPTION: A flaw in the IBM Storwize V7000 Unified code f...

Security Bulletin: IBM SONAS Fix Available for SONAS Cross Protocol Vulnerability (CVE-2013-0500)

Abstract IBM SONAS includes a flaw in the handling of special files created by an NFS client resulting in a vulnerability reported against IBM SONAS. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0500 DESCRIPTION: A flaw in the IBM SONAS code for handling special files in particular character a...

Security Bulletin: IBM Transparent Cloud Tiering is affected by a vulnerability in Apache Commons IO ( CVE-2021-29425)

Summary apache commons IO is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the...

Security Bulletin: Vulnerability in SSLv3 affects GPFS V3.5 for Windows (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in GPFS V3.5 for Windows Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...

Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect GPFS for Windows V3.5

Summary OpenSSH vulnerabilities were disclosed on December 23, 2016 by the OpenSSH Project. OpenSSL vulnerabilities were disclosed on November 10, 2016 and January 26, 2017 by the OpenSSL Project. OpenSSH and OpenSSL are used by GPFS V3.5 for Windows. GPFS V3.5 for Windows has addressed the...

Security Bulletin: Vulnerability in OpenSSL affects IBM GPFS V3.5 (CVE-2016-2842)

Summary This bulletin addresses CVE-2016-2842 for GPFS for Windows V3.5 Vulnerability Details OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by GPFS for Windows V3.5. GPFS for Windows V3.5 addressed the applicable CVEs with the details provided in:...

Security Bulletin: IBM Spectrum Scale V4.1.1, IBM GPFS V4.1, and IBM V3.5 for AIX are affected by a security vulnerability (CVE-2015-7403)

Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.1.1, IBM GPFS V4.1 and V3.5 that could allow a local attacker to cause the node they are on to crash. Vulnerability Details CVEID: CVE-2015-7403 DESCRIPTION: IBM General Parallel File System is...

Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)

Summary Security vulnerabilities have been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow: - a local attacker to execute commands as root by setting environment variables processed by setuid programs CVE-2016-2985 - a local attacker to execute commands as root by...

Security Bulletin: A Vulnerability in OpenSSH and Multiple Vulnerabilities in OpenSSL affect IBM GPFS V3.5 for Windows

Summary OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied X11 authentication credentials by the sshd server. OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used ...

Security Bulletin: IBM Spectrum Scale (GPFS) Hadoop connector is affected by a security vulnerability (CVE-2015-7430)

Summary A security vulnerability has been identified in the IBM Spectrum Scale GPFS Hadoop connector which could allow an unprivileged user the ability to read, write, modify, or delete any data in a GPFS file system CVE-2015-7430 Vulnerability Details CVEID: CVE-2015-7430 DESCRIPTION: IBM Genera...

Security Bulletin: Vulnerabilities in Open Secure Shell for GPFS V3.5 on Windows (CVE-2014-2653, CVE-2014-2532)

Summary Security vulnerabilities have been identified in the level of OpenSSH that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSH could allow a remote attacker to bypass security restrictions caused by: - CVE-2014-2653 an error in the SSH client when...

Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect GPFS for Windows V3.5

Summary OpenSSH vulnerabilities were disclosed on July 22 , August 10, and October19, 2016 by the OpenSSH Project. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSH and OpenSSL are used by GPFS V3.5 for Windows. GPFS V3.5 for Windows has addressed...

Security Bulletin: Vulnerabilities in OpenSSH affect GPFS V3.5 for Windows (CVE-2016-0777, CVE-2016-0778)

Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects OpenSSH for GPFS V3.5. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client...

Security Bulletin: Vulnerability in OpenSSL affects IBM GPFS V4.1 and IBM Spectrum Scale V4.1.1 (CVE-2015-1788)

Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. IBM GPFS V4.1 and IBM Spectrum Scale V4.1.1 use GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused b...