24 matches found
EUVD-2014-3069
Malware in sbrugna...
Security Bulletin: TSSC/IMC is vulnerable to 6 unspecified vulnerabilities in Java SE
Summary TSSC/IMC is vulnerable to 6 unspecified vulnerabilities in Java SE. The latest code level has an upgrade to the relevant libaries to fix CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952 Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: A...
Security Bulletin: TSSC/IMC is vulnerable to a Prefix truncation attack on Binary Packet Protocol
Summary TSSC/IMC is vulnerable to a Prefix truncation attack on Binary Packet Protocold. A patch has been provided that updates the libssh library. CVE-2023-48795. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH...
Security Bulletin: TSSC/IMC is vulnerable to a bypass security restrictions attack on curl
Summary TSSC/IMC is vulnerable to a bypass security restrictions attack on curl. A patch has been provided that updates the libssh library. CVE-2023-28322, CVE-2023-38546, CVE-2023-46218 Vulnerability Details CVEID:CVE-2023-28322 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass...
Security Bulletin: TSSC/IMC is vulnerable to a denial of service on Apache HTTP Server
Summary TSSC/IM is vulnerable to a denial of service on Apache HTTP Server. The latest code level has an upgrade to the relevant libaries to fix CVE-2024-27316. Vulnerability Details CVEID:CVE-2024-27316 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the failure t...
Security Bulletin: TSSC/IMC is vulnerable to arbitrary code execution due to systemd
Summary TSSC/IMC is vulnerable to arbitrary code execution due to systemd. A patch has been provided that updates the systemd library. CVE-2023-26604. Vulnerability Details CVEID:CVE-2023-26604 DESCRIPTION: systemd could allow a local authenticated attacker to gain elevated privileges on the...
Security Bulletin: TSSC/IMC is vulnerable to aritrary code execution due to Linux Kernel
Summary TSSC/IMC is vulnerable to arbitrary code execution due to Linux Kernel. A patch that updates the Kernel library has been provided. CVE-2023-2002, CVE-2023-3090, CVE-2023-3390, CVE-2023-3776, CVE-2023-4004, CVE-2023-20593, CVE-2023-35001, CVE-2023-35788. Vulnerability Details...
Security Bulletin: TSSC/IMC is vulnerable to arbitrary code execution due to Linux Kernel
Summary TSSC/IMC is vulnerable to aritrary code excecution due to kernel. A patch has been provided that updates the kernel library. CVE-2022-42896, CVE-2023-1281, CVE-2023-1829, CVE-2023-2124, CVE-2023-2194, CVE-2023-2235. Vulnerability Details CVEID:CVE-2022-42896 DESCRIPTION: Linux Kernel coul...
Security Bulletin: TSSC/IMC is vulnerable to low availability, low integrity and low confidentiality due to Java SE
Summary TSSC/IMC is vulnerable to low availability, low integrity and low confidentiality due to Java SE. A patch has been provided that updates the Java SE library. CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22045, CVE-2023-22049, CVE-2023-25193. Vulnerability Details...
Security Bulletin: TSSC/IMC is vulnerable to aritrary code excecution due to Java (CVE-2023-22081)
Summary TSSC/IMC is vulnerable to aritrary code excecution due to Dmidecode. A patch has been provided that updates the Java library. CVE-2023-22081 Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote...
Security Bulletin: TSSC/IMC is vulnerable to aritrary code excecution due to curl (CVE-2023-27536, CVE-2023-28321)
Summary TSSC/IMC is vulnerable to aritrary code excecution due to cURL. A patch has been provided that updates the curl library. CVE-2023-30630, CVE-2023-28321 Vulnerability Details CVEID:CVE-2023-27536 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, cause...
Security Bulletin: TSSC/IMC is vulnerable to a denial of service attack due to ncruses (CVE-2023-29491)
Summary TSSC/IMC is vulnerable to a denial of service attack due to ncruses CVE-2023-29491. A patch has been provided that updates the Dmidecode library. Vulnerability Details CVEID:CVE-2023-29491 DESCRIPTION: ncurses is vulnerable to a denial of service, caused by a memory corruption flaw when...
Security Bulletin: TSSC/IMC is vulnerable to aritrary code excecution due to Dmidecode (CVE-2023-30630)
Summary TSSC/IMC is vulnerable to aritrary code excecution due to Dmidecode. A patch has been provided that updates the Dmidecode library. CVE-2023-30630 Vulnerability Details CVEID:CVE-2023-30630 DESCRIPTION: Dmidecode could allow a local authetnicated attacker to bypass security restrictions,...
Security Bulletin: TS3000(TSSC) is affected by a vulnerability in OpenSSL (CVE-2014-0160)
Abstract A security vulnerability has been discovered in OpenSSL. Content CVE-ID:CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability to expose 64k...
Security Bulletin: TS3000 code level v7.x affected by Open Source GnuTLS cyrpto issue (CVE-2014-0092)
Summary A security vulnerability has been found that affects certain level of TSSC code. Vulnerability Details lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows...
Security Bulletin: TS3000 code levels 5.x and 7.x affected by various OpenSSL vulnerabilities
Summary Six security vulnerabilities have been found that affect most levels of TSSC code. Vulnerability Details A malicious user could exploit these vulnerabilities to decrypt and modify traffic sent between a client and a server, to execute arbitrary code on a client or server, crash a server, ...
Security Bulletin: TS3000 (TSSC/IMC) is vulnerable to privilege escalation vulnerability due to polkit ( CVE-2021-4034 )
Summary A privilege escalation vulnerability has been discovered in pkexec, a component of polkit. The TSSC does not use pkexec, but the executable does exist on the system. A patch has been provided that removes the executable from the file system. Vulnerability Details CVEID: CVE-2021-4034...
Security Bulletin: TS3000 (TSSC/IMC) is affected by two issues for glibc (CVE-2015-1781, CVE-2013-7423 )
Summary The Total Storage System Console/TS4500 Integrated Management Console is affected by two vulnerabilities in the glibc library. Vulnerability Details CVEID: CVE-2013-7423 DESCRIPTION: GNU glibc could allow a local attacker to obtain sensitive information, caused by the writing of DNS queri...
Security Bulletin: Vulnerability in IBM Java Runtime affects TSSC/IMC (TS3000) (CVE-2015-0138)
Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM® Runtime Environment Java™ Technology Edition, Version 1.7 that is used by TSSC/IMC Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A vulnerability in various IBM SSL/TLS...
Security Bulletin: Vulnerabilities in Bash affect TSSC (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by TSSC.. Vulnerability Details CVE-ID: CVE-2014-6271 DESCRIPTION: GNU Ba...