43 matches found
EUVD-2012-2161
Malware in sbrugna...
EUVD-2012-2160
Malware in sbrugna...
EUVD-2012-4754
Malware in sbrugna...
EUVD-2018-19029
Malware in sbrugna...
A week in security (October 10 - 16)
Last week on Malwarebytes Labs: Teen talk: What it's like to grow up online, and the role of parents: Lock and Code S03E21 White House unveils Blueprint for an AI Bill of Rights Credential stuffers take aim at Final Fantasy XIV players Meta accuses apps of stealing WhatsApp accounts Smart lights...
Security Bulletin: IBM XIV Storage System (MTM 2810-A14, 2812-A14, MTM 2810-114, 2812-114) Fixed Passwords for Maintenance Accounts (CVE-2012-2166)
Abstract IBM XIV Storage Systems have maintenance accounts with fixed passwords. A fix is available to manage access to these accounts. Content VULNERABILITY DETAILS: DESCRIPTION: The XIV Storage Systems have preconfigured user accounts that are used for maintenance purposes. These accounts have...
Security Bulletin: Tivoli Storage Productivity Center is affected by the following OpenSSL vulnerabilities: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
Summary Security vulnerabilities have been discovered in OpenSSL that were reported by the OpenSSL Project. Vulnerability Details CVE-ID:CVE-2013-4353 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when handling malicious S/MIME messages. By sendin...
Security Bulletin: IBM Extended Command-Line Interface (XCLI) Utility is affected by a vulnerability in Apache Log4j (CVE-2021-4104)
Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Extended Command-Line Interface XCLI Utility for IBM FlashSystem A9000/A9000R, IBM XIV Storage System models 114/214/314, and IBM Spectrum Accelerate. This vulnerability has been addressed. Vulnerability...
Security Bulletin: GNU C library (glibc) vulnerability affects Tivoli Storage Productivity Center (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects Tivoli Storage Productivity Center. Vulnerability Details Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM XIV Gen2 (CVE-2016-0777, CVE-2016-0778)
Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects IBM XIV Gen2. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client informati...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM XIV Gen3 (CVE-2016-0777, CVE-2016-0778)
Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects IBM XIV Gen3. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client informati...
Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM XIV Gen3 systems and IBM XIV Management Tools (CVE-2015-7575)
Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM XIV Gen3 systems and IBM XIV Management Tools. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing ...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM XIV Management Tools (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects XIV Management Tools. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...
Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 (CVE-2014-3570)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. OpenSSL is used by IBM XIV Storage System. IBM XIV Storage System has addressed the applicable CVE. We are unaware of any customer being affected by this issue. Vulnerability Details CVEID: CVE-2014-3570...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Storage System Gen2 (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Storage System Gen2. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Management Tools (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Management Tools. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...
Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 and Gen2 (CVE-2015-0204)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM XIV Storage System has addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: Multiple vulnerabilities in Java Runtime affect XIV Management Tools (CVE-2015-0410)
Summary There is a vulnerability in Oracle® Java™ SE, Version 7u72 that is used by XIV Management Tools. This issue was disclosed as part of the Oracle Java SE updates in January 2015. Vulnerability Details CVEID: CVE-2015-0410 DESCRIPTION: An unspecified vulnerability related to the Security...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen3 (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen3. Vulnerability Details CVEID: CVE-2015-0235 The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but valid hostna...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen2 (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen2. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but...