Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Intrusion Prevention System (CVE-2015-5600)

Summary A security vulnerability has been discovered in OpenSSH used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2015-5600 DESCRIPTION: OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive...

Security Bulletin: NTP vulnerability in Network Intrusion Prevention System (CVE-2013-5211)

Summary Security vulnerabilities have been discovered in the NTP component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2013-5211 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in the monlist feature in ntprequest.c. By sending a...

Security Bulletin: Libxml2 vulnerabilities in Network Intrusion Prevention System (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660, CVE-2013-5211)

Summary Security vulnerabilities have been discovered in the libxml2 component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-0191 DESCRIPTION: Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the...

Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Intrusion Prevention System (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )

Summary The unzip utility is used to list, test, or extract files from a zip archive. Security vulnerabilities have been discovered in unzip used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVE ID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a...

CVE-2011-3140

CVE-2011-3140 affects IBM Web Application Firewall used on G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030. The issue is in how the product handles query strings with multiple instances of the same parameter, allowing a malicious user to bypass intrusion prevention by ...