EUVD-2013-5295

Malware in sbrugna...

Security Bulletin: IBM SmartCloud Provisioning security vulnerability has been identified in nginx (CVE-2016-4450)

Summary IBM SmartCloud Provisioning and SmartCloud Provisioning for Software Virtual Appliaance ships with nginx. A denial of service vulnerability has been identified in nginx CVE-2016-4450. Vulnerability Details CVE-ID: CVE-2016-4450 Description: nginx is vulnerable to a denial of service, caus...

Security Bulletin: Multiple Vulnerabilities in ISC Bind affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2016-1286, CVE-2016-2088, CVE-2016-1285)

Summary Vulnerabilities have been identified in bind package in ISC Bind affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2016-1286 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when parsing signature records...

Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM SmartCloud Provisioning for IBM Software Virtual Appliance. IBM SmartCloud Provisioning for IBM Software Virtual Appliance has addressed the applicable CVEs including the vulnerability commonly referred to as...

Security Bulletin: Vulnerabilities in Python, rpcbind, SQLite affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Vulnerabilities in Python, rpcbind, SQLite packages affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2014-4650 DESCRIPTION: Python CGIHTTPServer module could allow a remote attacker to obtain sensitive information, caused by the failu...

Security Bulletin: Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning V2.1 for IBM Software Virtual Appliance. Please note product software support discontinuance as per IBM Withdrawal Announcement 916-016. For withdrawal announcement information details see the Reference section below...

Security Bulletin: A vulnerability in GNU C library (glibc) affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-7547)

Summary A vulnerability in GNU C library glibc affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2015-7547. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by th...

Security Bulletin: Vulnerabilities in OpenSSH affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2016-0777, CVE-2016-0778)

Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2016-0777, CVE-2016-0778. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow ...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for...

Security Bulletin: Multiple vulnerabilities in IBM SDK Java Technology Edition, and Logjam affect WebSphere Application Server shipped with SmartCloud Provisioning

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 that is used by WebSphere Application Server shipped with IBM SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam...

Security Bulletin: Multiple vulnerabilities in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1345, CVE-2012-5667)

Summary Multiple vulnerability in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1345 DESCRIPTION: GNU grep is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by an error in kwset.c. A remote...

Security Bulletin: Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1819, CVE-2015-5600, CVE-2015-7183, CVE-2015-7181, CVE-2015-7182)

Summary Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error in the...

Security Bulletin: Multiple Vulnerabilities in Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple Vulnerabilities in Firefox affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-4506 DESCRIPTION: Mozilla Firefox is vulnerable to a buffer overflow, caused by improper bounds checking in the libvpx library when parsing...

Security Bulletin: Vulnerability in spice affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-5261, CVE-2015-5260)

Summary Vulnerability spice affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2015-5261, CVE-2015-5260. Vulnerability Details CVEID: CVE-2015-5261 DESCRIPTION: Red Hat spice is vulnerable to a heap-based buffer overflow. By sending specially crafted QXL command, a local...

Security Bulletin: Vulnerability in libxml, openssh, PAM, Firefox, affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Vulnerability in libxml, openssh, PAM, Firefox, affects IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance CVE-2015-1819, CVE-2015-3238, CVE-2015-5600 and others. Vulnerability Details CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by...

Security Bulletin: Vulnerability in qemu-kvm affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Security Bulletin: Vulnerability in qemu-kvm affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2015-5165. Vulnerability Details CVEID: CVE-2015-5165 DESCRIPTION: Xen could allow a local attacker to obtain sensitive information, caused by the improper validation of...

Security Bulletin: Multiple vulnerabilities in Firefox, affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-4497, CVE-2015-4498)

Summary Security Bulletin: Multiple vulnerabilities in Firefox, affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance CVE-2015-4497, CVE-2015-4498. Vulnerability Details CVEID: CVE-2015-4497 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code o...

Security Bulletin: Vulnerability in common-collections affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute...

Security Bulletin: Multiple vulnerabilities in NTP, Hivex, glibc, libuser, BIND affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in NTP, Hivex, glibc, libuser, BIND, affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance CVE-2014-9297, CVE-2014-9298, CVE-2014-9273, CVE-2013-7424, CVE-2015-3245, CVE-2015-3246, CVE-2015-5477. Vulnerability Details CVEID: CVE-2014-9297...

Security Bulletin: Multiple vulnerabilities in cups, curl, libxfont affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Summary Multiple vulnerabilities in cups, curl, libxfont affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance CVE-2014-9679, CVE-2015-1158, CVE-2015-1159, CVE-2014-3613, CVE-2014-3707, CVE-2014-8150, CVE-2015-3143, CVE-2015-3148,CVE-2015-1802, CVE-2015-1803, CVE-2015-1804...