137 matches found
Security update for SUSE Manager Client Tools (moderate)
openSUSE Security Update: Security update for SUSE Manager Client Tools Announcement ID: openSUSE-SU-2020:1105-1 Rating: moderate References: 1113160 1138822 1142038 1148177 1153090 1153277 1154940 1154968 1155372 1163871 1165921 1168310 1170231 1170557 1170824 1171687 1172462 Cross-References:...
SUSE-SU-2020:1972-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: dracut-saltboot: - Print a list of available disk devices bsc1170824 - Install wipefs to initrd - Force install crypt modules golang-github-prometheus-prometheus: - Update change log and spec file + Modified spec file: default to golang 1.14 to avoid 'have...
SUSE-SU-2020:1718-1 Security Beta update for SUSE Manager Client Tools and Salt
This update fixes the following issues: cobbler: - Calculate relative path for kernel and inited when generating grub entry bsc1170231 Added: fix-grub2-entry-paths.diff - Fix os-release version detection for SUSE Modified: sles15.patch - Jinja2 template library fix bsc1141661 - Removes string...
SUSE-SU-2020:1715-1 Security Beta update for SUSE Manager Client Tools and Salt
This update fixes the following issues: dracut-saltboot: - Print a list of available disk devices bsc1170824 - Install wipefs to initrd - Force install crypt modules - Add missing terminal naming modifiers as exported veriables golang-github-prometheus-prometheus: - Update change log and spec fil...
SUSE-SU-2019:2317-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus: - Add support for Uyuni/SUSE Manager service discovery + Added 0003-Add-Uyuni-service-discovery - Readded service file removed in error. - Update to 2.11.1 + Bug Fix: Fix potential panic when prometheus is watching...
SUSE-SU-2019:2312-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus: - Add support for Uyuni/SUSE Manager service discovery + Added 0003-Add-Uyuni-service-discovery - Readded service file removed in error. - Update to 2.11.1 + Bug Fix: Fix potential panic when prometheus is watching...
Security Bulletin: Access Manager Client in IBM DataPower Gateways is vulnerable to a denial of service attack.
Summary IBM DataPower Gateways has addressed a vulnerability in the ISAM Access Manager Client component that could cause a denial of service. Vulnerability Details CVEID: CVE-2016-3706 DESCRIPTION: GNU C Library glibc or libc6 is vulnerable to a denial of service, caused by a stack-based buffer...
Security Bulletin: Tivoli Storage Manager (IBM Spectrum Protect) AIX Client Buffer Overflow (CVE-2016-5985)
Summary The Tivoli Storage Manager IBM Spectrum Protect AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled allowing a local attacker to execute arbitrary code on the system or cause a system crash. Vulnerability Details CVEID: CVE-2016-5985 DESCRIPTION: The IBM...
Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager Client (CVE-2016-2542)
Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects the IBM Tivoli Storage Manager IBM Spectrum Protect Client on Windows platforms. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker ...
Security Bulletin: Vulnerability in IBM Java Runtime affects Tivoli Storage Manager Operations Center and Tivoli Storage Manager Client Management Service (CVE-2015-7575)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8.0.2.1 that is used by Tivoli Storage Manager Operations Center and Tivoli Storage Manager Client Management Service. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the I...
Security Bulletin: A security vulnerability has been identified in the Tivoli Storage Manager Client shipped with IBM Tivoli Storage FlashCopy Manager for Windows (CVE-2015-0287)
Summary The IBM Tivoli Storage Manger client IBM Spectrum Protect is shipped as a component of IBM Tivoli Storage FlashCopy Manager for Windows IBM Spectrum Protect Snapshot. Information about a security vulnerability affecting the IBM Tivoli Manager client has been published in a security...
Security Bulletin: Vulnerabilities in OpenSSL affect the IBM Tivoli Storage Manager Client and IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (CVE-2015-0287)
Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL, used by the Tivoli Storage Manager Client, has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0287 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects the IBM Tivoli Storage Manager Client and the IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware data mover (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects the IBM Tivoli Storage Manager Client. However, the problem only manifests when the Tivoli Storage Manager Client is used as the IBM Tivoli Storage Manager for Virtual Environments: Data...
Security Bulletin: Apache Commons FileUpload vulnerable to denial of service (CPU consumption) are affecting Case Manager Client (CVE-2016-3092)
Summary Apache Commons FileUpload vulnerable to denial of service CPU consumption are affecting Case Manager Client. Vulnerability Details Apache Commons FileUpload that are being utilized by the Forms widget in Case Manager Client when you are working with IBM FileNet eForms are vulnerable to...
Security Bulletin: Apache HttpComponents vulnerable to spoofing attacks are affecting Case Manager Client (CVE-2012-6153, CVE-2014-3577)
Summary Apache HttpComponents that are vulnerable to spoofing attacks are affecting Case Manager Client. Vulnerability Details Apache HttpComponents that are being utilized by the Forms widget in Case Manager Client when you are working with IBM Forms are vulnerable to spoofing attacks. CVEID:...
Security Bulletin: A vulnerability in OpenSSL affects IBM DataPower Gateways (CVE-2016-2183)
Summary A vulnerability in the SSL/TLS protocol affects the ISAM Access Manager client and JMS. IBM DataPower Gateways has fully addressed the applicable CVE in version 7.5.2, and in earlier releases it was addressed with a combination of a code fix and a workaround. Vulnerability Details CVEID:...
Skybox Manager Client Application Information Disclosure Vulnerability
Skybox Manager Client Application is a client-side management application of a network security risk analysis tool from Skybox Security, USA. An information disclosure vulnerability exists in Skybox Manager Client Application versions prior to 8.5.501. A local attacker can exploit this...
CVE-2017-14771
Skybox Manager Client Application prior to 8.5.501 is prone to an arbitrary file upload vulnerability due to insufficient input validation of user-supplied files path when uploading files via the application. During a debugger-pause state, a local authenticated attacker can upload an arbitrary fi...
CVE-2017-14772
Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login attempts...
CVE-2017-14771
Skybox Manager Client Application prior to 8.5.501 is prone to an arbitrary file upload vulnerability due to insufficient input validation of user-supplied files path when uploading files via the application. During a debugger-pause state, a local authenticated attacker can upload an arbitrary fi...