875 matches found
BSA-2019-865
Security Advisory ID : BSA-2019-865 Component : SANnav Revision : 1.0 The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level, which could allow a local authenticated attacker to access sensitive informatio...
BSA-2019-866
Security Advisory ID : BSA-2019-866 Component : SANnav Revision : 1.0 Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges. The vulnerability could be exploited only if the database service i...
BSA-2019-869
Security Advisory ID : BSA-2019-869 Component : SANnav Revision : 1.0 An information exposure vulnerability, in Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. The vulnerability could allow an authenticated local malicious user with...
BSA-2019-867
Security Advisory ID : BSA-2019-867 Component : SANnav Revision : 1.0 Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services Radius, TACACS, etc...
BSA-2019-868
Security Advisory ID : BSA-2019-868 Component : SANnav Revision : 1.0 A vulnerability, in the ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer (SSL) connections. The vulnerability is due to...
BSA-2019-864
Security Advisory ID : BSA-2019-864 Component : SANnav portal Revision : 1.0 A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication...
BSA-2019-133
Security Advisory ID : BSA-2019-133 Component : FOS Revision : 1.0: Final The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and...
BSA-2019-843
Security Advisory ID : BSA-2019-843 Component : Kernel Revision : 1.0: Final Bitdefender researchers have identified and demonstrated a new side-channel attack. This newly disclosed attack bypasses all known mitigation mechanisms implemented in response to Spectre and Meltdown. More information at...
BSA-2019-842
Security Advisory ID : BSA-2019-842 Component : OpenSSL Revision : 1.0: Initial OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is...
BSA-2019-840
Security Advisory ID : BSA-2019-840 Component : VxWorks Revision : 1.0: Initial The Armis research team, Armis Labs, have discovered 11 zero day vulnerabilities in VxWorks®. VxWorks is used by over 2 billion devices including critical industrial, medical and enterprise devices. Dubbed “URGENT/11,...
BSA-2019-828
Security Advisory ID : BSA-2019-828 Component : TCP SACK Revision : 2.0 An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) da...
BSA-2019-787
Security Advisory ID : BSA-2019-787 Component : Oracle Java Revision : 1.0: Final Oracle Critical Patch Update Advisories - April 2019 provide security updates for Oracle Java Platform software libraries. Supported versions that are affected are Java SE: 7u211, 8u202, Java SE Embedded: 8u201. Furth...
BSA-2019-783
Security Advisory ID : BSA-2019-783 Component : VPN Revision : 1.0: Final Virtual Private Networks (VPNs) are used to create a secure connection with another network over the internet. Multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files...
BSA-2019-784
Security Advisory ID : BSA-2019-784 Component : Apache Tomcat Revision : 1.0: Initial When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the wa...
BSA-2019-785
Security Advisory ID : BSA-2019-785 Component : BMC/IPMI Revision : 1.0: Initial The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address...
BSA-2019-777
Security Advisory ID : BSA-2019-777 Component : WPA3 Revision : 1.0: Final Multiple vulnerabilities have been identified in WPA3 protocol design and implementations of hostapd and wpa_supplicant, which can allow a remote attacker to acquire a weak password, conduct a denial of service, or gain comple...
BSA-2018-616
Security Advisory ID : BSA-2018-616 Component : bzip2recover Revision : 2.0 The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. Affected Products Security update provided in Brocade Fabric OS...
BSA-2019-110
Security Advisory ID : BSA-2019-110 Component : glibc Revision : 2.0 Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of...
BSA-2018-606
Security Advisory ID : BSA-2018-606 Component : bzip2recover Revision : 2.0 The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator follow...
BSA-2019-764
Security Advisory ID : BSA-2019-764 Component : OpenSSH Revision : 1.0: Final Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to sen...
BSA-2019-766
Security Advisory ID : BSA-2019-766 Component : OpenSSH Revision : 1.0: Final A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process...
BSA-2019-767
Security Advisory ID : BSA-2019-767 Component : LIBSSH2 Revision : 1.0: Final libssh2 is a client-side C library implementing the SSH2 protocol. It supports regular terminal, SCP and SFTP sessions; port forwarding, X11 forwarding; password, key-based and keyboard-interactive authentication. Libssh2...
BSA-2019-755
Security Advisory ID : BSA-2019-755 Component : Apache Revision : 1.0: Final Apache 2.4 vulnerabilities in Brocade Fibre Channel Products from Broadcom Multiple Brocade Fibre Channel technology products from Broadcom incorporate Apache httpd 2.4 libraries. Apache released in January 2019, a list...
BSA-2019-753
Security Advisory ID : BSA-2019-753 Component : Kernel Revision : 1.0: Initial A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image...
BSA-2019-754
Security Advisory ID : BSA-2019-754 Component : APT Revision : 1.0: Final A vulnerability in apt could allow a network man-in-the-middle or a malicious package mirror to execute arbitrary code as root on a machine installing any package. The bug has been fixed in the latest versions of apt. If...
BSA-2018-744
Security Advisory ID : BSA-2018-744 Component : Webconsole Revision : 1.0: Initial A Vulnerability in Brocade Network Advisor Version before 14.1.0 could allow a remote unauthenticated attacker to execute arbitrary code. The vulnerability could also be exploited to execute arbitrary OS Commands...
BSA-2018-746
Security Advisory ID : BSA-2018-746 Component : Servlet Revision : 1.0: Initial A Vulnerability in Brocade Network Advisor Version before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted not hashed password of the systems. The...
BSA-2018-841
Security Advisory ID : BSA-2018-841 Component : Hard-coded Credentials Revision : 3.0: Final A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented...
BSA-2018-743
Security Advisory ID : BSA-2018-743 Component : Hard-coded Credentials Revision : 3.1: Final A vulnerability in Brocade Network Advisor could allow an unauthenticated, remote attacker to log into the JMX Console of an affected system using an undocumented User credentials. The vulnerability is du...
BSA-2018-740
Security Advisory ID : BSA-2018-740 Component : CPU featuring SMT Revision : 1.0: Initial A group of researchers has discovered a new vulnerability being called PortSmash, impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture. SMT is a technology that allows multiple computing...
BSA-2018-590
Security Advisory ID : BSA-2018-590 Component : Oracle Java Revision : 2.0: Final Oracle Critical Patch Update Advisories - April 2018 and July 2018 provide security updates for Oracle Java Platform software libraries. Java SE JDK and JRE versions before JRE 8u181 are affected by vulnerabilities that...
BSA-2018-739
Security Advisory ID : BSA-2018-739 Component : Texas Instrument Microcontrollers CC2640 and CC2650 Revision : 1.0: Initial Texas Instrument Microcontrollers CC2640 and CC2650 are vulnerable to variable and heap overflow. Both Texas Instrument microcontrollers CC2640 and CC2650 BLE-Stacks contain ...
BSA-2018-737
Security Advisory ID : BSA-2018-737 Component : OpenSSL Revision : 2.0: Final The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a-dev...
BSA-2018-731
Security Advisory ID : BSA-2018-731 Component : Fabric OS CLI Revision : 1.0: Initial Multiple Vulnerabilities in Brocade Fabric OS command line interface (CLI) could allow a local attacker to escape the restricted shell and gain root access. Commands Affected help command - CVE-2018-6437 - CVSS 3: 7...
BSA-2018-735
Security Advisory ID : BSA-2018-735 Component : Fabric OS WebGui Revision : 1.0: Initial A vulnerability in the Brocade webtools firmware update section of Brocade Fabric OS could allow remote authenticated attackers to execute arbitrary commands as the root user. Affected Products Brocade Fabric...
BSA-2018-733
Security Advisory ID : BSA-2018-733 Component : Fabric OS Proxy Service Revision : 1.0: Initial A vulnerability in the proxy service of Brocade Fabric OS versions could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service. Affected Products...
BSA-2018-730
Security Advisory ID : BSA-2018-730 Component : Fabric OS CLI Revision : 1.0: Initial Multiple Vulnerabilities in Brocade Fabric OS command line interface (CLI) could allow a local attacker to escape the restricted shell and gain root access. Commands Affected firmwaredownload command - CVE-2018-6436...
BSA-2018-736
Security Advisory ID : BSA-2018-736 Component : Fabric OS WebGui Revision : 1.0: Initial The Web management interface of Brocade Fabric OS doesn’t send cookies with secure flag. This could allow attackers to intercept or manipulate a victim user's session ID. Affected Products Brocade Fabric OS...
BSA-2018-728
Security Advisory ID : BSA-2018-728 Component : Fabric OS CLI : secryptocfg export command Revision : 1.0: Initial A vulnerability in the secryptocfg export command of Brocade Fabric OS could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the...
BSA-2018-734
Security Advisory ID : BSA-2018-734 Component : Secure Shell Revision : 1.0: Initial A vulnerability in Brocade Fabric OS Secure Shell implementation could allow a local attacker to provide arbitrary environment variables, which can be used to bypass the restricted configuration shell. Affected...
BSA-2018-729
Security Advisory ID : BSA-2018-729 Component : Fabric OS CLI Revision : 1.0: Initial A vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) could allow a local attacker to escape the restricted shell and gain root access. Affected Products Brocade Fabric OS...
BSA-2018-711
Security Advisory ID : BSA-2018-711 Component : Apache HTTPD Revision : 1.0: Final The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of servic...
BSA-2018-539
Security Advisory ID : BSA-2018-539 Component : OpenSSH Revision : 2.0: Final The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffe...
BSA-2018-540
Security Advisory ID : BSA-2018-540 Component : OpenSSH Revision : 2.0: Final The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file...
BSA-2018-710
Security Advisory ID : BSA-2018-710 Component : Apache HTTPD Revision : 1.0: Final In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only...
BSA-2018-708
Security Advisory ID : BSA-2018-708 Component : Ghostscript Revision : 1.0: Final Ghostscript contains an optional -dSAFER option, which is supposed to prevent unsafe PostScript operations. Multiple PostScript operations bypass the protections provided by -dSAFER, which can allow an attacker to...
BSA-2018-700
Security Advisory ID : BSA-2018-700 Component : Apache Struts 2 Revision : 1.0: Final Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same...
BSA-2018-696
Security Advisory ID : BSA-2018-696 Component : Kernel Revision : 1.0: Final A TCP data structure in supported versions of FreeBSD 11, 11.1, 11.2, 10, and 10.4 use an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the numbe...
BSA-2018-698
Security Advisory ID : BSA-2018-698 Component : OpenSSH Revision : 2.0: Final OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c...
BSA-2018-690
Security Advisory ID : BSA-2018-690 Component : Kernel Revision : 1.0: Final The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending...