HP Security Bulletin HPSBMU03614 1 - Security vulnerabilities in Samba could potentially impact HPE Systems Insight Manager. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in unauthorized identification of valid users and unqualified configuration changes. Revision 1 of this advisory.
57050fb741cc6cede64fb1fa941893f6e42b2ac7316781e959344e9cfc600e90HP Security Bulletin HPSBMU03584 2 - Multiple potential vulnerabilities have been addressed by HPE Network Node Manager I (NNMi). These vulnerabilities could be remotely exploited resulting in authentication bypass, Cross-Site Scripting (XSS), disclosure of information, or unauthorized access. Revision 2 of this advisory.
9d3210e006b78fa1a4ade7191659ecf926e882ebc76b0210925fc869c3037392HP Security Bulletin HPSBGN03618 1 - Potential vulnerabilities have been identified in HPE Service Manager. These vulnerabilities could be remotely exploited to allow disclosure of information, unauthorized read access to files and server side request forgery. Revision 1 of this advisory.
770c838de2c7d6f981b3b4017d493a14868de6fedf78e5241c304a616bff3b3bHP Security Bulletin HPSBGN03624 1 - A potential vulnerability has been identified in Project and Portfolio Management Center. This vulnerability could be exploited to remotely to allow execution of arbitrary commands and disclosure of sensitive information. Revision 1 of this advisory.
7c23964f5f63275c5b37a59f3aad150ebb8f9d880b0803c58664dcbe8c32c862HP Security Bulletin HPSBGN03620 1 - Security vulnerabilities in OpenSSL were addressed by HPE Helion OpenStack. The vulnerabilities could be exploited resulting in remote unauthorized data access. A security vulnerability in QEMU was addressed by HPE Helion OpenStack. The vulnerability could be exploited resulting in local unauthorized data access. Revision 1 of this advisory.
d1b612cc70edfce5ba387e8425500e9751b27c175642ca04df19044824c9dfd8HP Security Bulletin HPSBGN03619 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Discovery and Dependency Mapping Inventory (DDMi). The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
fd7d6100b3d7e6617397636f3a5d8655fcb7a6338c8afcb1707dff1b864bd3cdHP Security Bulletin HPSBGN03442 2 - HPE Helion OpenStack has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 2 of this advisory.
186f43f7a6764e45853fc9e00be530ce4c2d2318aed00bacd397094ffd9ba277HP Security Bulletin HPSBHF3548 1 - A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate his or her privileges on the system. Revision HPSBHF3548 of this advisory.
8b0d293bda62937cd08b5e6cab2593c2e389b3beb470d3ef755df0c07b564dfcHP Security Bulletin HPSBMU03612 1 - Multiple potential security vulnerabilities have been identified with HPE Insight Control (IC) on Windows which could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Cross-site scripting (XSS), Execution of Arbitrary code, Disclosure of Sensitive Information,Remote Code Execution and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
55b881f2a237e07f9560dcebcf5f78996c72fe03931da60fb9afbd2da087871dHP Security Bulletin HPSBMU03607 1 - Multiple potential security vulnerabilities have been identified in HPE BladeSystem c-Class Virtual Connect (VC) firmware. These vulnerabilities include: The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information. The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS), disclosure of information, or Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
0fcaa98109f349b0cc14e9fe32a0f10dcbf38053afd926747b325159bfe4984aHP Security Bulletin HPSBOV03615 1 - Potential security vulnerabilities have been identified in OpenVMS CSWS running the Apache Tomcat 7 Servlet Engine. These vulnerabilities could be exploited remotely resulting in access restriction bypass, Cross-Site Request Forgery (CSRF), directory traversal, unauthorized read access to data, execution of arbitrary code with privilege elevation, or Denial of Service (DoS). Revision 1 of this advisory.
ede618831ba4bd88562474a907f609650ab7e6942ea6ff0205c3ea9f43a8cc05HP Security Bulletin HPSBGN03609 1 - Several potential security vulnerabilities have been identified in HPE LoadRunner and Performance Center. These vulnerabilities could be exploited remotely to allow code execution, and Denial of Service (DoS). Revision 1 of this advisory.
8dd85acecdc21de2b83763c45a87e794f9470dfbfb9e4a32c3ab4870e2d8c66fHP Security Bulletin HPSBGN03610 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in Remote arbitrary code execution or Denial of Service (DoS). Revision 1 of this advisory.
8cc009ba6907782d4fc8e5af2fb95027485e1b514a4e20492a5f84bc0bfb8b0bHP Security Bulletin HPSBMU03611 1 - Multiple potential security vulnerabilities have been identified with the Matrix Operating Environment on Windows and Linux that could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Execution of arbitrary code, Cross-site scripting (XSS), Disclosure of Sensitive Information, Code Execution, and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
07f921689053d6bedbb8e1f9fc233c8b5f70902577e1ef3c8ec264ef9e30544eHP Security Bulletin HPSBMU03600 1 - HPE Insight Control server provisioning has addressed security vulnerabilities in OpenSSL that could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
341dae9f50ec43fb24b92ecde65911dbb8eba0c9ce6d5266796050698f106475HP Security Bulletin HPSBUX03606 1 - Potential security vulnerabilities have been identified in HP-UX running the Apache Tomcat 7 Servlet Engine. These vulnerabilities could be exploited remotely resulting in URL redirection, access restriction bypass, Cross-Site Request Forgery (CSRF), directory traversal, unauthorized read access to data, execution of arbitrary code with privilege elevation, or Denial of Service (DoS). Revision 1 of this advisory.
df62ff6655a43fb30ff150baa36bd88eeea1345a5f855edc60c502d45bb1d955HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN" which could be exploited remotely resulting in disclosure of information Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) Multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS), and Information Disclosure. Revision 1 of this advisory.
5d35db5021a3e1e977bf248f0f4d2e0973624f00926593096b12913d74b63dacHP Security Bulletin HPSBGN03605 1 - A potential vulnerability has been identified in HPE Service Manager. The vulnerability could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
d65b75f5ab641a72a1689f928cc8b1e48e6eab3b06ac1c7255f27b9bc4141865HP Security Bulletin HPSBGN03564 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Release Control. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
ef1f742fc4bd3c96553859d5c5aa86f5e72396632889706992696756f56636d0HP Security Bulletin HPSBHF03579 1 - HPE ConvergedSystem for SAP HANA has addressed security vulnerabilities in OpenSSL. The Cross-protocol Attack on TLS using SSLv2, also known as "DROWN", could be could be remotely exploited resulting in disclosure of privileged information, unauthorized access to data, and unauthorized access to sensitive information. Revision 1 of this advisory.
839547502680a606065e72839f52dfc00f6e75d89e9b9b2ef70a67959bf073f8HP Security Bulletin HPSBHF03578 1 - HPE ConvergedSystem for SAP HANA Solutions has addressed stack-based buffer overflows in the GNU C library's (glibc) implementation of the getaddrinfo() library function. These vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user using the glibc library. Revision 1 of this advisory.
f467478965503248c96c094ed51e89e4ccb098e7d4023a82cd28359603541c37HP Security Bulletin HPSBGN03602 1 - A potential security vulnerability has been identified in HPE RESTful Interface Tool application on Linux and Windows. The vulnerability could be exploited locally resulting in disclosure of information. Revision 1 of this advisory.
1c6a6377136f788d5ead75de59c4a1251040191325e8f3d2b0f9c32620f0660fHP Security Bulletin HPSBGN03587 1 - 3rd party code template: A security vulnerability in Open vSwitch could potentially impact HPE Helion OpenStack resulting in a remote denial of Service (DoS) or arbitrary command execution. HPE Helion OpenStack has also addressed several OpenSSL vulnerabilities including: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.
d4fceaa0ba4a7864b939e73b9efc7e9a3c3d9f771140a67054d955accf574196HP Security Bulletin HPSBHF03594 1 - Security vulnerabilities in OpenSSL have been addressed by HPE ConvergedSystem 500 & 900 and HPE AppSystems for SAP HANA. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.
d33fe09cf5ca02681f9ac76ff30e6bbf0d623c549fe9a315a6a3243d9bd2c5e5HP Security Bulletin HPSBMU03590 1 - Several potential security vulnerabilities have been identified in HPE Systems Insight Manager (SIM) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), execution of arbitrary code, disclosure of information, Cross-site Request Forgery (CSRF), and Cross-site scripting (XSS). Revision 1 of this advisory.
0d87e5cf948c457cbccb5fbac35b83c4012fe852b7698e47171b0b53a8f1b615
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed