Security Bulletin:Vulnerability in RC4 stream cipher affects InfoSphere Replication Dashboard (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects InfoSphere Replication Dashboard. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could...

Security Bulletin: InfoSphere Replication Dashboard is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition (CVE-2014-4263)

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7.1.1.0 that is used by InfoSphere Replication Dashboard. These issues were disclosed as part of the IBM Java SDK updates in July 2014. IBM InfoSphere Replication Dashboard is affected by a sing...

Security Bulletin: InfoSphere Data Replication Dashboard is affected by a vulnerability in the IBM Runtime Environment, Java™ Technology Edition (CVE-2014-0453)

Summary An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact. Vulnerability Details CVE ID: CVE-2014-0453 CVSS: CVSS Base Score: 4 CVSS Temporal Score: See for the current score CVSS Environmental...

Security Bulletin: Vulnerability in InstallAnywhere affects IBM InfoSphere Change Data Capture installers (CVE-2016-4560)

Summary InstallAnywhere generates installation executables on Microsoft Windows which are vulnerable to a DLL-planting exploit affecting the Change Data Capture CDC components within the IBM InfoSphere Data Replication and IBM InfoSphere Change Data Delivery families of products. Vulnerability...

CentOS Update for 389-ds-base CESA-2018:1380 centos7

Check the version of 389-ds-base SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882899";...

Quest DR Series Disk Backup Software Command Injection Vulnerability

The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "Stop Replication" method in Quest DR Series Disk Backup Software versions prior to 4.0.3.1. An attacker could exploit this vulnerability to execute commands...

CentOS 7 : 389-ds-base (CESA-2018:1380)

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

389 security update

CentOS Errata and Security Advisory CESA-2018:1380 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Amazon Linux AMI : mysql55 (ALAS-2018-1028)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure wher...

Amazon Linux AMI : mysql57 (ALAS-2018-1026)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15651)

MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...

MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15654)

MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...

MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15653)

MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...

Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical

A pen-tester has found six vulnerabilities in Dell EMC RecoverPoint devices, including a critical remote code execution flaw that could allow total system compromise. EMC RecoverPoint is a disaster recovery tool that can be used to back up local and remote information storage, across data centers...

Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20180515)

Security Fixes : - 389-ds-base: ns-slapd crash via large filter value in ldapsearch CVE-2018-1089 Bug Fixes : - Indexing tasks in Directory Server contain the nsTaskStatus attribute to monitor whether the task is completed and the database is ready to receive updates. Before this update, the serv...

Fedora 26 : mysql-mmm (2018-92f04c6b61)

Multi-Master Replication Manager for MySQL mmmagentd Remote Command Injection Vulnerabilities This update adds data sanitization to inputs for the mmm agent. Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager MMM mmmagentd daemon...

[SECURITY] Fedora 28 Update: mysql-mmm-2.2.1-20.fc28

MMM MySQL Master-Master Replication Manager is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations with only one node writable at any time. The toolset also has the ability to read balance standard master/slave configurations...

[SECURITY] Fedora 26 Update: mysql-mmm-2.2.1-20.fc26

MMM MySQL Master-Master Replication Manager is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations with only one node writable at any time. The toolset also has the ability to read balance standard master/slave configurations...

[SECURITY] Fedora 27 Update: mysql-mmm-2.2.1-20.fc27

MMM MySQL Master-Master Replication Manager is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations with only one node writable at any time. The toolset also has the ability to read balance standard master/slave configurations...

solr: Directory traversal via Index Replication HTTP API

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...