Security Bulletin: IBM Sterling Connect:Direct for i5/OS is vulnerable to denial of service due to Zlib (CVE-2018-25032)

Summary There is a vulnerability in the Zlib library used by IBM Sterling Connect:Direct for i5/OS. IBM Sterling Connect:Direct for i5/OS has addressed the applicable issue by upgrading to 1.2.12 Vulnerability Details CVEID:CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service,...

Security Bulletin: Vulnerability in SSLv3 affects IBM Sterling Connect:Direct for i5/OS (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Sterling Connect:Direct for i5/OS. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...

Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability

CVE: CVE-2008-2364 The Apache 'modproxyhttp' module is prone to a denial-of-service vulnerability that affects the processing of interim responses. Attackers may exploit this issue to cause denial-of-service conditions. Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may als...

Cross site scripting

Cross-site scripting XSS vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-0834

Cross-site scripting XSS vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-0834

Cross-site scripting XSS vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-0834

CVE-2008-0834 is a cross-site scripting (XSS) vulnerability in IBM’s Lotus Quickr for i5/OS prior to 8.0.0.2 Hotfix 11. When anonymous access on HTTP ports is disabled, remote attackers can inject arbitrary web script or HTML via unspecified vectors. The incident is documented with a CVSS base sc...

CVE-2007-3537

IBM OS/400 aka i5/OS V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules...

CVE-2007-3537

IBM OS/400 aka i5/OS V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules...

CVE-2007-3537

CVE-2007-3537 affects IBM OS/400 (i5/OS) on iSeries, specifically V4R2M0 through V5R3M0. The vulnerability arises because the system sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules.