HP Security Bulletin HPSBGN03567 1 - A security vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HP Asset Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
b105c64c961cfa4667a4ed0bfe5281184dfa6572901c35582d35e964ea25011cHP Security Bulletin HPSBGN3547 1 - Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot = dot) in the Filename field of an RRQ operation. Revision 1 of this advisory.
1f3e8868b00af47129e352df5e7d96c015037163a8da3a3ed509547718297d0bHP Security Bulletin HPSBGN03444 2 - Potential vulnerabilities have been identified in HPE Network Automation. The vulnerabilities could allow remote code execution and disclosure of sensitive information. Revision 2 of this advisory.
8825a302f1a200b2f6239bd036841adc3188f5ef702fd54e39a2aeb0732b7666HP Security Bulletin HPSBGN03563 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in local or remote Denial of Service (DoS) and local disclosure of sensitive information. Revision 1 of this advisory.
57d02e5956b8e30e3dcc52080b4967e3e1c4122e0888e933cc4d3579340a64ccHP Security Bulletin HPSBMU03562 2 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Service Manager. The vulnerability could be exploited remotely to allow code execution. Revision 2 of this advisory.
582059f3157f5288f539b5a0198aa639f4e5be8cb75df46d07a3774d77273937HP Security Bulletin HPSBMU03562 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Service Manager. The vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.
a1c6b05d91e43e9dc01451c2fb600f54a3523e810077b08aec7f60a544b9b1d8HP Security Bulletin HPSBGN03560 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HP Operations Orchestration. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
dabf88562c3d568574f16c9869668dd905462c090a231336b8ec7d56f2e5c20aHP Security Bulletin HPSBGN03551 1 - HPE Helion Development Platform has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
6a5c6e511c9ded81cb50fa7de880a49ca9815f8fa2566a142a513c72014743b9HP Security Bulletin HPSBGN03438 1 - A potential security vulnerability has been identified in HP Support Assistant. This vulnerability could be exploited locally to allow authentication bypass. Revision 1 of this advisory.
07400e92384da3334d67e6a03571dee46f89f2e7c29f2288543dfcec99f778acHP Security Bulletin HPSBGN03558 1 - A potential security vulnerability has been identified with ArcSight ESM and ESM Express. The vulnerability could be remotely exploited to allow disclosure of sensitive information. Revision 1 of this advisory.
28d0bc2f388a200af3b1537d9e5168c41fd4215d9f8a4f0c1be046c2a7f360b7HP Security Bulletin HPSBMU03377 2 - A potential security vulnerability has been identified with HP Release Control running RC4. A vulnerability in SST/TLS RC4 stream cipher known as Bar Mitzah was addressed by HPE Release Control. The vulnerability could be exploited to allow remote disclosure of information. Revision 2 of this advisory.
4a94ecae79f15bff50ee993b4a368bc87c1663772c14a553a0431dd5b25590ccHP Security Bulletin HPSBGN03373 2 - A potential security vulnerability has been identified with HP Release Control running TLS. A vulnerability in TLS using US export-grade 512-bit keys in Diffie-Hellman key exchange known as Logjam was addressed by HPE Release Control. The vulnerability could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.
c7ab295ff54fc9e8af778c388d377b988d9f1b9560972de5f8c1692ecd8907bbHP Security Bulletin HPSBGN03556 1 - Potential security vulnerabilities have been identified with ArcSight ESM and ESM Express. The vulnerabilities could be exploited remotely to trick an unsuspecting user into downloading arbitrary files, or running arbitrary commands on the local system. Revision 1 of this advisory.
cf8822912f05e564ebbcf6adff6e7eba8bae5544368d2a840f223918b71b5367HP Security Bulletin HPSBHF03557 1 - A potential security vulnerability has been identified with HPE Networking products using Comware 7 (CW7) running NTP. The vulnerability could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
6e2309bc06ad5e4c3030cade0da03d041a9be29ed81c5ddd587e172312d053e2HP Security Bulletin HPSBPI03546 1 - A potential security vulnerability has been identified with certain HP LaserJet Printers and MFPs, and certain HP OfficeJet Enterprise printers and MFPs, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
db9fa0aaa519130f69d0a3334e16ce41d0c763e84b355f7fa9bc8c588445252fHP Security Bulletin HPSBHF03439 1 - HP has identified a potential security vulnerability with the Sure Start implementation on certain 2015 commercial platforms. This vulnerability could be exploited locally by administrator or root level privileges and if compromised, the Sure Start systems could fail to recover the BIOS. Revision 1 of this advisory.
3f85453b4a238744be2fc526bc164b41df544116d4d399101f7907fc1bfa37d0HP Security Bulletin HPSBGN03550 2 - A security vulnerability in Apache Flex BlazeDS was addressed by HP Operations Manager i (OMi) and Business Service Manager (BSM). The vulnerability could be exploited remotely resulting in disclosure of information. Note : OMi v10.10 is NOT affected by this vulnerability. Revision 2 of this advisory.
27a92a5d40551b9d1b66e19a06398f5aaeda2de982126868c4b21cbd744ed72aHP Security Bulletin HPSBHF03436 1 - A potential security vulnerability has been identified with certain HP Thin Clients running ThinPro OS. The vulnerability could be exploited exploited locally resulting in elevated privileges. Revision 1 of this advisory.
5695aa787fe5e82c2be6c82f544299746f5ce21e3320dcdf97f877efbdd9c76fHP Security Bulletin HPSBGN03442 1 - HPE Helion OpenStack has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
6539fd974a37cf918334232d4666c73e3f1b4b61616cb996dd44f390809b7782HP Security Bulletin HPSBHF03545 1 - Potential security vulnerabilities identified with Windows running the NVidia Graphics Driver have been addressed in certain HP EliteBook and Zbook Products. The vulnerabilities could be locally exploited resulting in execution of code, Denial of Service (DoS), elevation of privilege, or other impacts. Note: In addition to the CVE vulnerabilities referenced below, this update also addresses the "MS_Detours_Security_Update_For_Nvidia_Driver" vulnerability where the Nvidia driver has an unpatched Microsoft Detours library that limits the effectiveness of OS Security features such as ASLR, DEP and SafeSEH. Depending on the security context of the target system, malicious code attacks can result in loss of information, denial of service, or full system compromise. Revision 1 of this advisory.
f118993bc418f60effd30bc977f6b18eb1c3c8b8170ad3977e0897c320619eccHP Security Bulletin HPSBGN03549 1 - HPE IceWall products have addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
5c0bafbdb117854cb467fe44692de91315ec03062242458e577de6b74ec77e61HP Security Bulletin HPSBHF03544 1 - Potential security vulnerabilities in cURL and libcurl have been addressed with HPE iMC PLAT and other HP and H3C products using Comware 7. The vulnerabilities could be exploited remotely resulting in unauthorized access. Revision 1 of this advisory.
85b2d81dc1b3f872228664d35268d8bbb970c56095b755f549519a9b80b7f991HP Security Bulletin HPSBGN03547 1 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 1 of this advisory.
80d01bb5a617b997b4377008c9a6dff9fe6fc1ba42119b92775c9ae396faf290HP Security Bulletin HPSBGN03430 3 - A potential security vulnerability has been identified with ArcSight Management Center, ArcSight Connector Appliance, ArcSight Logger, and ArcSight SmartConnectors. The vulnerability could be exploited locally to allow elevation of privilege. Note: The following products are not vulnerable if installed as a non-root user: ArcSight Management Center, ArcSight Connector Appliance, ArcSight Logger, and ArcSight SmartConnectors. Revision 3 of this advisory.
d7215ebcf539ffb9d1d26047055f4347fa2c8b28d8000805204f6fc6ab162380HP Security Bulletin HPSBGN03434 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HP Continuous Delivery Automation. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
7e654d5a1eb622679ffbb71b8a9e1bc9ac44c4d4aadffd7c946a269d5f4c01c9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed