HP Security Bulletin HPSBHF03641 1 - A potential security vulnerability has been identified with certain versions of HPE Integrated Lights-Out 3 (iLO 3). This vulnerability, also known as the "Vaudenay vulnerability", could be remotely exploited using TLS CBC Padding and MAC Errors resulting in disclosure of information. Revision 1 of this advisory.
58e82735227f4286de90f9cfe8309c05b1d48976220a0330658f8f7cc251e5edHP Security Bulletin HPSBGN03638 1 - Potential vulnerabilities have been identified in the lighttpd and OpenSSH version used in HPE Remote Device Access: Virtual Customer Access System (vCAS). These vulnerabilities could be exploited remotely resulting in unauthorized modification of information, denial of service (DoS), and disclosure of information. Revision 1 of this advisory.
52dde48bf7e6534ed145537c197f29c8bff97d184184ef9e9c43b600d40a7d73HP Security Bulletin HPSBNS03635 1 - Multiple potential remote and local vulnerabilities impacting Perl and PHP have been addressed by HPE NonStop Servers OSS Script Languages. The vulnerabilities include Perl's opportunistic loading of optional modules which might allow local users to gain elevation of privilege via a Trojan horse library under the current working directory. Revision 1 of this advisory.
d61092f8531c4cfe3e647e6a78dff740f1529c96097e41b94e0050770ca40436HP Security Bulletin HPSBHF03441 1 - Potential security vulnerabilities have been identified in HPE Integrated Lights Out 3 and HPE Integrated Lights Out 4, and Integrated Lights Out 4 mRCA. The vulnerabilities could lead to multiple remote vulnerabilities. Revision 1 of this advisory.
7889e4f573031fdbcd9fbf761f17dfb5923a384253397c2e9d451aeb014e4133HP Security Bulletin HPSBGN03634 1 - A potential security vulnerability has been identified in HPE Enterprise Solution Sizers and Storage Sizer running Smart Update. The vulnerability could be exploited remotely to allow arbitrary code execution. Revision 1 of this advisory.
06f9b4bc7cb59b1007f7ab1901ffc0300d48726096bc986e192aa400cf7b580eHP Security Bulletin HPSBST03629 1 - A potential security vulnerability has been identified with HP StoreFabric B-series switches. The vulnerability could be remotely exploited resulting in disclosure of privileged information. Revision 1 of this advisory.
60dfeffeab93ed3fd5862d279067ca304090e8eedbadf0cd03e8fa83060c6baaHP Security Bulletin HPSBGN03630 2 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed in the AdminUI of HP Operations Manager for Unix, Solaris and Linux. The vulnerability could be exploited remotely to allow remote code execution. Revision 2 of this advisory.
d663eec4579facf8f6a81f46b5a6f77f682c0a3bfdeaa267a6fca762dbec6c64HP Security Bulletin HPSBHF03440 1 - A potential security vulnerability in JQuery was addressed by HPE Integrated Lights-Out 3. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.
d4e4427059bf0f52d590b8440696253f452456d6b56937c208ef0874ee58a1ffHP Security Bulletin HPSBGN03633 1 - Potential vulnerabilities have been identified in HPE Release Control. The vulnerabilities could be exploited remotely to allow denial of service (DoS), disclosure of information, unauthorized access to files or server-side request forgery (SSRF). Revision 1 of this advisory.
68d84f188e9bdf598b43722893cb31397086d862f7cd42988f4a6f861aed1d3aHP Security Bulletin HPSBGN03564 2 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Release Control. The vulnerability could be exploited remotely to allow code execution. Revision 2 of this advisory.
afdaca6bf17ef91c2a531287417315a9cb95c9979b6e134ca3e6f79bae9ab7dbHP Security Bulletin HPSBST03603 1 - HPE StoreVirtual products running LeftHand OS has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
7a1938552ec305f40be8a23af07bd878dc473a9a0b00a6ec1d1ad7c762c07075HP Security Bulletin HPSBGN03630 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed in the AdminUI of HP Operations Manager for Unix, Solaris and Linux. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
745cf5e5dfc7c05cec2a0a06dcce95a6bd55552bd1be8b60cef63528b32d5890HP Security Bulletin HPSBGN03631 1 - A potential security vulnerability has been identified with HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload. The vulnerability could be exploited remotely resulting in a Denial of Service (DoS). Revision 1 of this advisory.
c17910ace9f145dd7b8ebe6050394be1f1cf3db8ff2d238485bbcd1b64225fcbHP Security Bulletin HPSBMU03562 3 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Service Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 3 of this advisory.
eed9f65b9705737625677d7e690f7560a269ccc0e480bfd90248f7ddbb67a48fHP Security Bulletin HPSBHF03608 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HPE iMC PLAT and other network products. The vulnerability could be exploited remotely to allow execution of arbitrary code. Revision 1 of this advisory.
a4f731c6afd9d8b0d771afec7e5598fde89d382f0e5d637587497d7a2efe4e3fHP Security Bulletin HPSBGN03628 1 - Security vulnerabilities in the libXML2 library could potentially impact HPE IceWall Federation Agent resulting in Remote Denial of Service (DoS), or unauthorized modification, or unauthorized disclosure of information. Revision 1 of this advisory.
bf4f6cf115d8b52476b924e17a4fd8b3cb9956dc7a8071d968df7ab5ed4d6413HP Security Bulletin HPSBHF03613 1 - Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Revision 1 of this advisory.
9167fdcf073265b0be894bab391505d9b9700dc7bb114d588f30e9567cafc92bHP Security Bulletin HPSBGN03627 1 - A potential security vulnerability has been identified with HPE Service Manager. This is the RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
7c6ebe827eae0bacd2a4c46ef0accd6ec66d2c234787734246d6671b00c65198HP Security Bulletin HPSBGN03626 1 - A vulnerability in TLS using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" was addressed by HPE Service Manager. The vulnerability could be remotely exploited to allow disclosure of information. Revision 1 of this advisory.
273336983ab7c89049298197cce72162f447dfe45d581519c19e477dfd6764e3HP Security Bulletin HPSBNS03625 1 - NonStop Application Server for Java (NSASJ) has addressed the cross-protocol Attack on TLS using SSLv2 also known as "DROWN". This vulnerability could be exploited remotely resulting in disclosure of information. Note: NSASJ configurations that have enabled SSL/TLS are vulnerable if SSLv2 is enabled or they share private keys with systems that have it enabled. Revision 1 of this advisory.
c3e94f79879e500eb0df374f911ece7d9787942c754b7671f21cb5eb956ce26fHP Security Bulletin HPSBGN03553 1 - HP OneView has addressed stack based buffer overflows in glibc's implementation of getaddrinfo() and also a vulnerability in OpenSSL. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of the user running glibc library. Revision 1 of this advisory.
3617e671a811e5e4891b16d55373f0c543a2327eaeb55d97e84f1a429f8e0a07HP Security Bulletin HPSBGN03617 2 - Security vulnerabilities in the libXML2 library could potentially impact HPE IceWall Federation Agent and IceWall File Manager resulting in Remote Denial of Service (DoS). Revision 2 of this advisory.
6b708451afacf61935662aab3d512552a8fc3fc797ff8206e40a1f91d80efef0HP Security Bulletin HPSBGN03623 1 - A potential security vulnerability has been identified in HPE Universal CMDB. The vulnerability could be exploited remotely to allow remote disclosure of sensitive information. Revision 1 of this advisory.
bf0b9e29255730ffd5c04f56dbaba7e2b31bc907e20a67ba4ff34cdfea4e81a2HP Security Bulletin HPSBGN03622 1 - A potential security vulnerability has been identified in the Apache Commons Collections (ACC) component in HPE Universal CMDB, HPE Universal Discovery, and HPE Universal CMDB Configuration Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
0a5e7a76ae0e9dea6d218c8ae25b1839f0e9d03d09644f803c67b625efe83789HP Security Bulletin HPSBGN03621 1 - Several potential security vulnerabilities have been identified in the OpenSSL library for HPE Universal CMDB. These vulnerabilities could be exploited remotely to allow disclosure of sensitive information. Revision 1 of this advisory.
6aafc05f1d11b18f3329c8dbdfe48519893d60f5e7b228f2e00ceff72c673efd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed