HPE Security Bulletin HPESBHF03741 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE Network products including Comware 7, IMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information, or locally exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
273a8e07f2cfd72d286f3067512289a13cef04a30487bc2abfabe81687e89a5eHP Security Bulletin HPSBMU03685 1 - Multiple potential security vulnerabilities have been identified in HPE Insight Control server provisioning (ICsp) software. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), arbitrary code execution, arbitrary command execution, unauthorized access to files or disclosure of sensitive information. Revision 1 of this advisory.
7c572b3e24df1d149872d9d6f48b13a5c0031cc58055e6a8a1c95b1c448324e2Red Hat Security Advisory 2016-2073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
016924697aba2b3c0ed2a4b898dbf325da5ec9106c04351d7f374f3485979f2cHP Security Bulletin HPSBMU03607 1 - Multiple potential security vulnerabilities have been identified in HPE BladeSystem c-Class Virtual Connect (VC) firmware. These vulnerabilities include: The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information. The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS), disclosure of information, or Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
0fcaa98109f349b0cc14e9fe32a0f10dcbf38053afd926747b325159bfe4984aHP Security Bulletin HPSBMU03600 1 - HPE Insight Control server provisioning has addressed security vulnerabilities in OpenSSL that could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
341dae9f50ec43fb24b92ecde65911dbb8eba0c9ce6d5266796050698f106475HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN" which could be exploited remotely resulting in disclosure of information Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) Multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS), and Information Disclosure. Revision 1 of this advisory.
5d35db5021a3e1e977bf248f0f4d2e0973624f00926593096b12913d74b63dacHP Security Bulletin HPSBGN03587 1 - 3rd party code template: A security vulnerability in Open vSwitch could potentially impact HPE Helion OpenStack resulting in a remote denial of Service (DoS) or arbitrary command execution. HPE Helion OpenStack has also addressed several OpenSSL vulnerabilities including: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.
d4fceaa0ba4a7864b939e73b9efc7e9a3c3d9f771140a67054d955accf574196HP Security Bulletin HPSBHF03594 1 - Security vulnerabilities in OpenSSL have been addressed by HPE ConvergedSystem 500 & 900 and HPE AppSystems for SAP HANA. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.
d33fe09cf5ca02681f9ac76ff30e6bbf0d623c549fe9a315a6a3243d9bd2c5e5HP Security Bulletin HPSBMU03590 1 - Several potential security vulnerabilities have been identified in HPE Systems Insight Manager (SIM) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), execution of arbitrary code, disclosure of information, Cross-site Request Forgery (CSRF), and Cross-site scripting (XSS). Revision 1 of this advisory.
0d87e5cf948c457cbccb5fbac35b83c4012fe852b7698e47171b0b53a8f1b615HP Security Bulletin HPSBHF03592 1 - Several potential security vulnerabilities have been identified in the OpenFlow Virtual Appliance (OVA) version of the HPE VAN SDN Controller using OpenSSL which could be exploited remotely to allow Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification of information. Revision 1 of this advisory.
034fac9d639f999dd1ac333a177536ca76a9567fe5bfd2edf74d7dbd4e25500bRed Hat Security Advisory 2016-0996-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
e30f7519e808449e16c91c662d98dc42f4e2dc6fc5bfc08f26313f72e14a7848Red Hat Security Advisory 2016-0722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
20a21fae0cd061a2508b8804879648afc5786156f2cbd54707709f649be74cafHP Security Bulletin HPSBMU03575 1 - HP Smart Update Manager (SUM) has addressed the following vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.
951b9459376328c5cc2cb9fbe9d2e7233b6bd702b9e72e647dbe0a71bf95c52eHP Security Bulletin HPSBGN03569 2 - Potential security vulnerabilities have been identified in the server running HP OneView for VMware vCenter (OV4VC) version 7.8.1 or earlier. The vulnerabilities may lead to remote disclosure of information. Revision 2 of this advisory.
fef3d41637e48d083862ff126529ccde22bdff9c792cc65ee94e07dafe71a719HP Security Bulletin HPSBGN03569 1 - Potential security vulnerabilities have been identified in the server running HP OneView for VMware vCenter (OV4VC) version 7.8.1 or earlier. The vulnerabilities may lead to remote disclosure of information. Revision 1 of this advisory.
ba96f809d6edd6493b69b5512fafd074d2553430432ef066408a44fa3cf3e38b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed