56 matches found
EUVD-2013-5295
Malware in sbrugna...
Security Bulletin: Vulnerability in the JVM (CVE-2013-1500)
Abstract In SmartCloud Provisioning, when AWT code is run, a vulnerability of the JVM can be exploited. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1500 DESCRIPTION: An unspecified vulnerability related to the Java Runtime Environment 2D component has partial confidentiality impact, partial...
Security Bulletin: Vulnerability in command line interface (CVE-2013-5455)
Abstract Any user, even with READ-ONLY access to everything, has the ability to start/stop/DELETE ANY virtual system using the command line interface. Content VULNERABILITY DETAILS: DESCRIPTION: Any user, even with READ-ONLY access to everything, has the ability to start/stop/DELETE ANY virtual...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server shipped with SmartCloud Provisioning (CVE-2016-5573, CVE-2016-5597)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition 6 that affect WebSphere Application Server shipped with SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in October 2016. SmartCloud Provisioning product software reached suppor...
Security Bulletin: IBM SmartCloud Provisioning security vulnerability has been identified in nginx (CVE-2016-4450)
Summary IBM SmartCloud Provisioning and SmartCloud Provisioning for Software Virtual Appliaance ships with nginx. A denial of service vulnerability has been identified in nginx CVE-2016-4450. Vulnerability Details CVE-ID: CVE-2016-4450 Description: nginx is vulnerable to a denial of service, caus...
Security Bulletin: Multiple Vulnerabilities in ISC Bind affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2016-1286, CVE-2016-2088, CVE-2016-1285)
Summary Vulnerabilities have been identified in bind package in ISC Bind affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2016-1286 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when parsing signature records...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SmartCloud Provisioning
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ that is used by IBM SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3443 DESCRIPTION: An...
Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM SmartCloud Provisioning for IBM Software Virtual Appliance. IBM SmartCloud Provisioning for IBM Software Virtual Appliance has addressed the applicable CVEs including the vulnerability commonly referred to as...
Security Bulletin: Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning V2.1 for IBM Software Virtual Appliance. Please note product software support discontinuance as per IBM Withdrawal Announcement 916-016. For withdrawal announcement information details see the Reference section below...
Security Bulletin: Vulnerabilities in Python, rpcbind, SQLite affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Vulnerabilities in Python, rpcbind, SQLite packages affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2014-4650 DESCRIPTION: Python CGIHTTPServer module could allow a remote attacker to obtain sensitive information, caused by the failu...
Security Bulletin: Multiple vulnerabilities in IBM SDK Java Technology Edition affect WebSphere Application Server shipped with SmartCloud Provisioning
Summary Multiple vulnerabilities in IBM SDK Java Technology Edition affect WebSphere Application Server shipped with SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Note that...
Security Bulletin: A vulnerability in GNU C library (glibc) affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-7547)
Summary A vulnerability in GNU C library glibc affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2015-7547. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by th...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2016-0777, CVE-2016-0778)
Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2016-0777, CVE-2016-0778. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow ...
Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-7575)
Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for...
Security Bulletin: Multiple vulnerabilities in IBM SDK Java Technology Edition, and Logjam affect WebSphere Application Server shipped with SmartCloud Provisioning
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 that is used by WebSphere Application Server shipped with IBM SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam...
Security Bulletin: Multiple vulnerabilities in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1345, CVE-2012-5667)
Summary Multiple vulnerability in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1345 DESCRIPTION: GNU grep is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by an error in kwset.c. A remote...
Security Bulletin: Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1819, CVE-2015-5600, CVE-2015-7183, CVE-2015-7181, CVE-2015-7182)
Summary Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error in the...
Security Bulletin: Vulnerability in spice affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-5261, CVE-2015-5260)
Summary Vulnerability spice affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance CVE-2015-5261, CVE-2015-5260. Vulnerability Details CVEID: CVE-2015-5261 DESCRIPTION: Red Hat spice is vulnerable to a heap-based buffer overflow. By sending specially crafted QXL command, a local...
Security Bulletin: Multiple Vulnerabilities in Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Multiple Vulnerabilities in Firefox affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-4506 DESCRIPTION: Mozilla Firefox is vulnerable to a buffer overflow, caused by improper bounds checking in the libvpx library when parsing...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with SmartCloud Provisioning (CVE-2015-7450)
Summary IBM WebSphere Application Server is shipped as a component of SmartCloud Provisioning Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult security bulletin Vulnerability in Apache...