CVE : https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve

Similar documents
CVE :

Brocade will no longer provide security updates as End of Life (EOL) was January 18, 2013.

Ruckus Wireless Security Advisory ID FAQ

Vulnerability Notice. Symmetric Key NTP. Summary. Background (From CVE Project) Impact

12 th January MWR InfoSecurity Security Advisory. WebSphere MQ xcsgetmem Heap Overflow Vulnerability. Contents

After you install WatchGuard XCS v10.2, make sure you install any additional software updates available for this release.

Cyber Security Advisory

Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors

Verification & Validation of Open Source

MWR InfoSecurity Security Advisory. Intersystems Caché CSP (Caché Server Pages) Stack Overflow. 17 th December 2009

Trends in Open Source Security. FOSDEM 2013 Florian Weimer Red Hat Product Security Team

C and C++ Secure Coding 4-day course. Syllabus

MWR InfoSecurity Security Advisory. IBM Lotus Domino Accept- Language Stack Overflow. 20 th May Contents

Play with FILE Structure Yet Another Binary Exploitation Technique. Abstract

MWR InfoSecurity Security Advisory. Linux USB Device Driver - Buffer Overflow. 29 th October Contents

Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors

Stack Overflow. Faculty Workshop on Cyber Security May 23, 2012

ECE 471 Embedded Systems Lecture 22

MCAFEE FOUNDSTONE FSL UPDATE

Exploiting USB/IP in Linux

Vulnerability Signature Update

SA30228 / CVE

2 Sadeghi, Davi TU Darmstadt 2012 Secure, Trusted, and Trustworthy Computing Chapter 6: Runtime Attacks

Security Improvements on Cast Iron

CA SiteMinder. Advanced Password Services Release Notes SP1

Synology Security Whitepaper

VMware Adapter for SAP Landscape Management (VASLM) 1.5.1: Release Notes

Cisco UCS Performance Manager Release Notes

Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade Review

MWR InfoSecurity Security Advisory. IBM WebSphere MQ - rrilookupget Remote Denial of Service Vulnerability. 4th March 2010

Access Manager 4.2 Service Pack 1 (4.2.1) supersedes Access Manager 4.2.

Five years of Red Hat Enterprise Linux 4 Mark J Cox, Red Hat Security Response Team

IPS Signature Database

McAfee Web Gateway

Brocade FOS Release v6.2.2f9 Internal Content Notes

CNIT 127: Exploit Development. Ch 18: Source Code Auditing. Updated

For information about how to purchase and download this product, see the PlateSpin Protect product website.

Network Security Platform 8.1

Embedded/Connected Device Secure Coding. 4-Day Course Syllabus

RBS Rockwell Automation FactoryTalk Services Platform RNADiagnostics Module Missing Size Field Validation Remote Denial of Service.

StoneGate SSL VPN Release Notes for Version 1.2.0

MCAFEE FOUNDSTONE FSL UPDATE

Intrusion Detection and Prevention Release Notes

Lecture 1: Buffer Overflows

AppGate 11.0 RELEASE NOTES

M!DGE/MG102i Release notes Firmware version xxx

Buffer Overflow Defenses

CSE 565 Computer Security Fall 2018

Stonesoft Management Center. Release Notes for Version 5.6.1

MWR InfoSecurity Security Advisory. IBM WebSphere MQ - rridecompress Remote Denial of Service Vulnerability. 4th March 2010

MCAFEE FOUNDSTONE FSL UPDATE

Intel Acceleration Stack for Intel Xeon CPU with FPGAs Version 1.2 Release Notes

Stack Overflow COMP620

Security: A year of Red Hat Enterprise Linux 4. Mark J Cox

Ubuntu Server LTS for Dell EMC PowerEdge Servers. Release Notes

Overview AEG Conclusion CS 6V Automatic Exploit Generation (AEG) Matthew Stephen. Department of Computer Science University of Texas at Dallas

Intel Analysis of Speculative Execution Side Channels

Chapter 5: Vulnerability Analysis

Applications. Cloud. See voting example (DC Internet voting pilot) Select * from userinfo WHERE id = %%% (variable)

The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel. Di Shen a.k.a. Retme Keen Lab of Tencent

McAfee Labs: Combating Aurora

CC Software version 1.5.0

Scan report for Scanned on :47:40

CIS 5373 Systems Security

Symptom Condition / Workaround Issue Full domain name is not resolved by the RDP- ActiveX Client.

Security Advisory IP Camera Vulnerability December

Stonesoft Firewall/VPN Express. Release Notes for Version 5.5.7

Stonesoft Management Center. Release Notes for Version 5.5.1

CSE 544 Advanced Systems Security

How To Prevent Rolling Spam Factories. Ryan Ware Lead Security Architect

Windows Security Updates for August (MS MS06-051)

IOActive Security Advisory

HA2lloc: Hardware-Assisted Secure Allocator

MWR InfoSecurity Security Advisory. IBM Lotus Domino icalendar Address Stack Buffer Overflow Vulnerability. 14 th September 2010

Cisco UCS Performance Manager Release Notes

VERTIV. Avocent ACS8xxx Advanced Console System Release Notes VERSION 2.4.2, AUGUST 24, Release Notes Section Outline. 1 Update Instructions

Emulating USB Device Firmware Update

Hacking Blind BROP. Presented by: Brooke Stinnett. Article written by: Andrea Bittau, Adam Belay, Ali Mashtizadeh, David Mazie`res, Dan Boneh

Linux Kernel Futex Fun: Exploiting CVE Dougall Johnson

Secure Coding Techniques

NGN: Carriers and Vendors Must Take Security Seriously

Common Vulnerability Scoring System v3.0 Examples

StoneGate Management Center. Release Notes for Version 5.3.3

Network Security Platform 8.1

Intel Cache Acceleration Software (Intel CAS) for Linux* v2.9 (GA)

Disclaimer. Warranty

Host Identity Sources

Security and network design

Hackveda Training - Ethical Hacking, Networking & Security

Embedded USB Host Hub Class Driver User Guide

Tech Announcement 2018_1

Cyber Moving Targets. Yashar Dehkan Asl

(a) Which of these two conditions (high or low) is considered more serious? Justify your answer.

StoneGate Management Center Release Notes for Version 4.2.1

Triconex TriStation Emulator Denial of Service

GRID SOFTWARE FOR VMWARE VSPHERE VERSION /370.21

Outline. Classic races: files in /tmp. Race conditions. TOCTTOU example. TOCTTOU gaps. Vulnerabilities in OS interaction

Jackson Marusarz Software Technical Consulting Engineer

n Explain penetration testing concepts n Explain vulnerability scanning concepts n Reconnaissance is the first step of performing a pen test

M!DGE2 Release Notes Firmware version xxx

Transcription:

Component: Kernel CVSS Score: 6.2 CVE-2013-4312: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4312 The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. Impacted - Fixed in 6.7R12 Impacted - Fixed in 4.1R2 Brocade Virtual Traffic Traffic (STM)) Impacted - This issue is present, but the firmware is not vulnerable as a user is unable to call sendmsg() from CLI or from a script. Impacted - This issue is present, but the firmware is not vulnerable as a user is unable to call sendmsg() from CLI or from a script. Impacted - Affects some Linux tools using local socket as pipe, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Fixed in 2.4. Upgrade to 3.13.0-83.127 kernel. Page 1

Component: Glibc CVSS Score: 5.0 CVE-2014-8121: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8121 DB_LOOKUP in nss_files/files-xxx.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up while the database is iterated over the database, which triggers the file pointer to be reset. Brocade Virtual Traffic Traffic (STM)) Impacted - Fixed in 6.7R11. Impacted - Fixed in 4.2R1. Under investigation Under investigation Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. We should advise customers to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - Both Services Director VA and Services Director Instance Host VA are affected. We are awaiting upstream fixes from Redhat and Ubuntu. Page 2

Component: PCRE CVSS Score: 7.3 CVE-2014-9769: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9769 pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset. Brocade Virtual Traffic Traffic (STM)) Impacted - Fixed in 6.71R12. Impacted - Fixed in 4.2R1. Impacted Affects some Linux tools using PCRE library, but not vadx software. Customers are advised to use Linux tools with caution. Page 3

Component: Glibc CVSS Score: 6.8 CVE-2015-1781: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1781 Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.21R1. Under investigation Under investigation Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - Customer should update the OS according to their vendors recommendation. Page 4

Component: OpenSSL CVSS Score: 4.0 CVE-2015-4680: https://access.redhat.com/security/cve/cve-2015-4680 https://packetstormsecurity.com/files/132415/freeradius-insufficient-crl-application.html Brocade Virtual Traffic Traffic (STM)) Page 5

Component: Apache CVSS Score: 7.5 CVE-2015-7501: https://access.redhat.com/security/cve/cve-2015-7501 This issue affects the Apache commons-collections library as shipped with Fuse 6.2.0 and A-MQ 6.2.0. However, this flaw is not known to be exploitable under supported scenarios in these product versions, and so has been assigned an impact of Important for these products and their respective errata. Brocade Virtual Traffic Traffic (STM)) Impacted - Affects some Linux tools like Apache commonscollections library, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Fixed in BNA 14.0.1. Impacted - Fixed in BNA 14.0.1. Impacted - Fixed in BNA 14.0.1. Page 6

Component: NTP CVSS Score: 6.4 CVE-2015-7691: https://access.redhat.com/security/cve/cve-2015-7691 https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151021-ntp https://support.f5.com/kb/en-us/solutions/public/17000/500/sol17530.html Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted - Fixed in 4.1R1. Impacted - Brocade vtm software customers are not affected. Brocade vtm appliance customers should upgrade to version 10.2r1 or later. Alternatively, for customers using the 9.9 LTS release, the fix is included in 9.9r1. Page 7

Component: NTP CVSS Score: 6.4 CVE-2015-7692: https://access.redhat.com/security/cve/cve-2015-7692 https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151021-ntp https://support.f5.com/kb/en-us/solutions/public/17000/500/sol17530.html Brocade Virtual Traffic Traffic (STM)) Impacted - Fixed in 6.7R12. Impacted - Fixed with 4.1R1. Impacted - Brocade vtm software customers are not affected. Brocade vtm appliance customers should upgrade to version 10.2r1 or later. Alternatively, for customers using the 9.9 LTS release, the fix is included in 9.9r1. Page 8

Component: Kernel CVSS Score: 7.5 CVE-2015-8767: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8767 net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted Fixed in 4.2R1. Impacted - Affects some Linux tools SCTP, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software releases do not contain the vulnerability. Brocade vtm appliances include the vulnerability. This issue is only exposed locally to services running on the appliance; if administrators have installed software onto the appliance that they doubt the integrity of, then they should consider disabling/removing that software as a workaround to this local vulnerability. Page 9

Component: Glibc CVSS Score: 9.1 CVE-2015-8776: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8776 The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an outof-range time value. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.2R1. Impacted - This issue is present in the GLIBC used, but the firmware is not vulnerable as the values are always verified before calling strftime. Impacted - This issue is present in the GLIBC used, but the firmware is not vulnerable as the values are always verified before calling strftime. Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - A release containing a fix for this is pending, awaiting a fix from our upstream OS vendors. Page 10

Component: Glibc CVSS Score: 5.5 CVE-2015-8777: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8777 The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.2R1. Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - Ensure local access to the Services Director is restricted as far as possible. A release containing the fix for this is TBC. Page 11

Component: Glibc CVSS Score: 9.8 CVE-2015-8778: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8778 Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the hcreate_r function, which triggers out-of-bounds heap-memory access. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.1R3. Impacted - This issue is present in the GLIBC used, but firmware is not vulnerable as the code does not ever call hcreate or hcreate_r. Impacted - This issue is present in the GLIBC used, but firmware is not vulnerable as the code does not ever call hcreate or hcreate_r. Impacted - Affects some Linux tools like RPC/portmapper, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - A release containing a fix for this is pending, awaiting a fix from our upstream OS vendors. Page 12

Component: Glibc CVSS Score: 9.8 CVE-2015-8779: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8779 Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R11. Impacted Fixed in 4.2R1. Impacted - This issue is present, but the firmware is not vulnerable as the code does not ever use the catopen function. Impacted - This issue is present, but the firmware is not vulnerable as the code does not ever use the catopen function. Impacted - Affects some Linux tools, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - - A release containing the fix for Brocade Services Director is TBC. Page 13

Component: Kernel CVSS Score: 6.8 CVE-2015-8816: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8816 The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted Fixed in 4.2R1. Impacted Fixed in FI08.0.50. Impacted - Affects some Linux tools using USB hub driver, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. Brocade vtm appliance customers should upgrade to version 10.3r1 or later. For customers using the 9.9 LTS releases, a fix will be included in the next r- release (9.9r2). Impacted - The workaround is simply to not attach and detach USB hubs from Services Director VAs (there is no reason why this would be necessary for operation of the VAs). Page 14

Component: Kernel CVSS Score: 7.8 CVE-2015-8830: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8830 Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R12. Impacted Fixed in 4.2R1. Impacted - Affects some Linux tools using USB hub driver, but not VADX software. Customers are advised to use Linux tools with caution. Impacted - Brocade vtm software customers are not affected. A fix for Brocade vtm appliances will be included in the next release. For customers using the 9.9 and 10.4 LTS releases, a fix will be included in the next r-releases (9.9r2 and 10.4r1). Impacted - We are awaiting upstream fixes for this vulnerability from our OS vendors. Page 15

Component: Glibc CVSS Score: 7.5 CVE-2016-1234: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1234 Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. Brocade Virtual Traffic Traffic (STM)) Impacted Fixed in 6.7R13. Impacted Fixed in 5.0R1. Under investigation Impacted - Affects some Linux tools suffering GLOB_ALTDIRFUNC with incorrect NAME_MAX limit, but not VADX software. Customers are advised to use Linux tools with caution. Under investigation Services Director VA and Services Director Instance Host VA both contain affected versions of eglibc. No fix is available currently (we await upstream fixes from Red Hat and Ubuntu). Page 16

Disclaimer THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. Document Revision Changes 1.0 Initial Publication 2.0 Updated to address 5400 vrouter, 5600 vrouter, NI, SD, SDN Controller, and vtm Page 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback