Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Libxml2

Summary The following vulnerabilites in Libxml2 have been addressed by IBM RackSwitch firmware products. Vulnerability Details CVEID: CVE-2021-3517 DESCRIPTION: GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal in...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in OpenSSL

Summary The following vulnerabilites in OpenSSL have been addressed by IBM RackSwitch firmware products. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an...

Security Bulletin: IBM RackSwitch firmware products are affected by a vulnerability in the Kernel (CVE-2020-12464)

Summary IBM RackSwitch firmware products have addressed the following Kernel vulnerability. Vulnerability Details CVEID: CVE-2020-12464 DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the usbsgcancel function in...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in the Kernel

Summary IBM RackSwitch firmware products have addressed the following Kernel vulnerabilities. Vulnerability Details CVEID: CVE-2020-13974 DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by an integer overflow in the drivers/tty/vt/keyboard.c...

Security Bulletin: IBM RackSwitch firmware products are affected by the following OpenSLL vulnerability

Summary IBM RackSwitch firmware products are affected by the following OpenSLL vulnerability Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts...

Security Bulletin: IBM RackSwitch firmware products are affected by TCP denial of service vulnarabilities

Summary The IBM RackSwitch firmware products listed below have addressed the following TCP denial of service vulnerabilities. Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel cou...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)

Summary IBM RackSwitch firmware products listed below have addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0734 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Python

Summary Vulnerabilities in Python have been addressed by IBM RackSwitch firmware products listed below. Vulnerability Details CVEID: CVE-2018-1060 DESCRIPTION: Python is vulnerable to a denial of service, caused by catastrophic backtracking in the pop3lib''s apop method. A remote attacker could...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0732)

Summary IBM RackSwitch firmware products listed below have addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server...

Security Bulletin: Vulnerability in Enterprise Networking Operating System (ENOS) affects IBM RackSwitch Products (CVE-2017-3765)

Summary IBM RackSwitch Products have addressed the following vulnerability in Enterprise Networking Operating System ENOS. Vulnerability Details Summary IBM RackSwitch Products have addressed the following vulnerability in Enterprise Networking Operating System ENOS. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in sblim-sfcb affects IBM RackSwitch G8264CS (CVE-2015-5185)

Summary IBM System Networking RackSwitch G8264CS has addressed the following vulnerability in sblim-sfcb. Vulnerability Details Summary IBM System Networking RackSwitch G8264CS has addressed the following vulnerability in sblim-sfcb. Vulnerability Details CVE-ID: CVE-2015-5185 Description:...

Security Bulletin: Vulnerability in libxml2 affects IBM RackSwitch Products (CVE-2017-8872)

Summary IBM RackSwitch Products have addressed the following vulnerability in libxml2. Vulnerability Details Summary IBM RackSwitch Products have addressed the following vulnerability in libxml2. Vulnerability Details: CVEID: CVE-2017-8872 Description: libxml2 is vulnerable to a buffer overflow,...

Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Products

Summary IBM RackSwitch Products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM RackSwitch Products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVEID: CVE-2017-7376 Description: libxml2 is vulnerable to a denial of...

Security Bulletin: Vulnerability in Linux Kernel affects IBM RackSwitch Products (CVE-2017-6214)

Summary IBM RackSwitch Products have addressed the following vulnerability in Linux Kernel. Vulnerability Details Summary IBM RackSwitch Products have addressed the following vulnerability in Linux Kernel. Vulnerability Details: CVEID: CVE-2017-6214 Description: Linux Kernel is vulnerable to a...

Security Bulletin: Vulnerabilities in libxml2 and zlib affect IBM RackSwitch Products

Summary IBM RackSwitch Products listed below have addressed the following vulnerabilities in libxml2 and zlib. Vulnerability Details Summary IBM RackSwitch Products listed below have addressed the following vulnerabilities in libxml2 and zlib. Vulnerability Details: CVEID: CVE-2016-4658...

Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Products

Summary IBM RackSwitch Products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM RackSwitch Products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVEID: CVE-2017-9050 Description: libxml2 is vulnerable to a heap-based...

Security Bulletin: Vulnerabilities in OpenSSL affect multiple products shipped with Intelligent Cluster. (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)

Summary Information about security vulnerabilities affecting multiple products shipped as components of Intelligent Cluster has been published in security bulletins. Vulnerability Details Abstract Information about security vulnerabilities affecting multiple products shipped as components of...

Security Bulletin: IBM RackSwitch firmware products are affected by information disclosure vulnerability (CVE-2014-8730)

Summary IBM RackSwitch firmware products listed below have addressed the following TLS padding information disclosure vulnerability. Vulnerability Details CVEID: CVE-2014-8730 DESCRIPTION: Multiple F5 products could allow a remote attacker to obtain sensitive information, caused by the failure to...

Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Lenovo patched a flaw in its networking operating system dating back to 2004 that allowed attackers to perform an authentication bypass attack via a mechanism called “HP Backdoor.” If exploited, an attacker could gain admin-level access on affected switches, Lenovo said. The vulnerability is rate...

CVE-2017-3765

In Enterprise Networking Operating System ENOS in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when...