33 matches found
EUVD-2018-12362
Malware in sbrugna...
EUVD-2016-0427
Malware in sbrugna...
EUVD-2018-12361
Malware in sbrugna...
Security Bulletin: IBM General Parallel File System V4.1 is affected by a security vulnerability (CVE-2015-1890)
Summary A security vulnerability has been identified in GPFS V4.1 where the private key of TLS client certificates used by GPFS nodes may be contained in a gpfs.snap file CVE-2015-1890. Vulnerability Details CVEID: CVE-2015-1890 DESCRIPTION: IBM General Parallel File System could allow someone wh...
Security Bulletin: Vulnerability in OpenSSL affects IBM GPFS V3.5 (CVE-2016-2842)
Summary This bulletin addresses CVE-2016-2842 for GPFS for Windows V3.5 Vulnerability Details OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by GPFS for Windows V3.5. GPFS for Windows V3.5 addressed the applicable CVEs with the details provided in:...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2015-4974, CVE-2015-4981)
Summary Security vulnerabilities have been identified in the current levels of IBM Spectrum Scale V4.1.1, IBM GPFS V4.1 and V3.5: - could allow a local non privileged attacker to execute commands with root privileges CVE-2015-4974 - could allow a local non privileged attacker to read system...
Security Bulletin: Vulnerability in OpenSSL affects IBM GPFS V4.1 and IBM Spectrum Scale V4.1.1 (CVE-2015-1788)
Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. IBM GPFS V4.1 and IBM Spectrum Scale V4.1.1 use GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused b...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM GPFS V3.5
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015, January 28, 2016, and March 1, 2016 by the OpenSSL Project. OpenSSL is used by GPFS for Windows V3.5. GPFS for Windows V3.5 has addressed the applicable CVEs including the “DROWN: Decrypting RSA with Obsolete and Weakened...
Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM GPFS V3.5 for Windows (CVE-2015-4000, CVE-2015-1793, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project and affect IBM GPFS V3.5 . This includes the Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. This also includes the alternate chains certificate forgery vulnerability...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM GPFS for Windows (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM GPFS for Windows V3.5 Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properl...
Security Bulletin: A security vulnerability has been identified in IBM Spectrum Scale that integrates with Infosphere BigInsights (CVE-2015-7488).
Summary IBM Spectrum Scale integrates with Infosphere BigInsights. Information about a security vulnerability affecting GPFS / Spectrum Scale has been published in a security bulletin. Vulnerability Details Please consult the Spectrum Scale documentation for vulnerability details and information...
CVE-2018-1783
IBM GPFS IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806...
Command injection
IBM GPFS IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806...
CVE-2018-1783
IBM GPFS IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806...
Design/Logic Flaw
IBM GPFS IBM Spectrum Scale 5.0.1.0 and 5.0.1.1 allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805...
Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale that could allow a local, unprivileged user to cause a kernel panic (CVE-2018-1782)
Summary IBM Spectrum Scale could allow a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. Vulnerability Details CVEID: CVE-2018-1782 DESCRIPTION:...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2015-4974, CVE-2015-4981)
Summary Security vulnerabilities have been identified in the current levels of IBM Spectrum Scale V4.1.1, IBM GPFS V4.1 and V3.5: - could allow a local non privileged attacker to execute commands with root privileges CVE-2015-4974 - could allow a local non privileged attacker to read system...
Security Bulletin: IBM Spectrum Scale V4.1.1, IBM GPFS V4.1, and IBM V3.5 for AIX are affected by a security vulnerability (CVE-2015-7403)
Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.1.1, IBM GPFS V4.1 and V3.5 that could allow a local attacker to cause the node they are on to crash. Vulnerability Details CVEID: CVE-2015-7403 DESCRIPTION: IBM General Parallel File System is...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by a security vulnerability (CVE-2016-0392)
Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow a local attacker to inject commands into setuid file parameters and execute commands as root. Vulnerability Details CVEID: CVE-2016-0392 DESCRIPTION: IBM General Parallel File...
Security Bulletin: IBM Virtualization Engine TS7700 Is Affected by IBM GPFS Security Vulnerability (CVE-2015-1788)
Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit, which is used by the version of IBM GPFS used by the TS7700. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when processing ...