Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)

Question Is the Network IPS system affected by Ruby on Rails vulnerabilities? "Product":"code":"SS9SBT","label":"Proventia Network Intrusion Prevention System","Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Component":"General...

EUVD-2014-6069

Malware in sbrugna...

EUVD-2014-6084

Malware in sbrugna...

EUVD-2013-5282

Malware in sbrugna...

EUVD-2014-6075

Malware in sbrugna...

EUVD-2014-6083

Malware in sbrugna...

EUVD-2016-0236

Malware in sbrugna...

Security Bulletin: Vulnerabilities in curl affect IBM Security Network Intrusion Prevention System

Summary The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security vulnerabilities have been discovered in libcurl used with IBM Security Network Intrusion Prevention System. Vulnerability...

Security Bulletin: Libxml2 vulnerabilities in Network Intrusion Prevention System (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660, CVE-2013-5211)

Summary Security vulnerabilities have been discovered in the libxml2 component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-0191 DESCRIPTION: Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the...

Security Bulletin: Vulnerabilities in GNU glibc affect IBM Security Network Intrusion Prevention System (CVE-2013-2207, CVE-2014-8121, and CVE-2015-1781 )

Summary The GNU glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the Name Server Caching Daemon nscd used by multiple programs on the system. Security vulnerabilities have been discovered in glibc used with IBM Security...

Security Bulletin: Vulnerability in SSLv3 affects IBM Security Network Intrusion Prevention System (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacke...

Security Bulletin: IBM Security Network Intrusion Prevention System is affected by krb5 vulnerabilities (CVE-2014-4341, CVE-2013-1418 )

Summary Security vulnerabilities have been discovered in krb5 used with IBM Security Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-4341 DESCRIPTION: MIT Kerberos is vulnerable to a denial of service, caused by a NULL pointer dereference. By injecting invalid tokens into a...

Security Bulletin: IBM Security Network Intrusion Prevention System is affected by multiple vulnerabilities

Summary Multiple security vulnerabilities CVE-2018-1426, CVE-2018-1427, CVE-2018-1428, CVE-2017-3736, CVE-2017-3732, CVE-2016-0705, and CVE-2018-1447 have been discovered in GSKit used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION:...

IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index

Question What Technotes exist for the IBM Security Network Protection / IBM QRadar Network Security XGS sensor? Answer The content below includes a list of all technical notes published under IBM Security Network Protection / IBM QRadar Network Security by category and sorted by popularity. Users...

Security Bulletin: IBM Security Network Protection is affected by multiple vulnerabilities

Summary Multiple security vulnerabilities CVE-2018-1426, CVE-2018-1427, CVE-2018-1428, CVE-2017-3736, CVE-2017-3732, CVE-2016-0705, and CVE-2018-1447 have been discovered in GSKit used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™, Version 7 Service Refresh 10 Fix Pack 15 used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Details CVEID: CVE-2017-10345 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Network Protection

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 10 Fix Pack used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details CVEID: CVE-2017-10198 DESCRIPTION: An...

Security Bulletin: IBM Security Network Protection is affected by a vulnerability in glibc

Summary IBM Security Network Protection has addressed the following vulnerability: A security vulnerability has been discovered in glibc. Vulnerability Details CVEID: CVE-2017-1000366 DESCRIPTION: Glibc could allow a local attacker to execute arbitrary code on the system, caused by a vulnerabilit...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Security Network Protection. IBM Security Network Protection has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2017-3514 DESCRIPTION: An unspecified...

Security Bulletin: IBM Security Network Protection is affected by a vulnerability in coreutils (util-linux)

Summary A security vulnerability has been discovered in coreutils util-linux, which is used by IBM Security Network Protection. Vulnerability Details CVEID: CVE-2017-2616 DESCRIPTION: util-linux could allow a local authenticated attacker to bypass security restrictions, caused by a race condition...