<< Previous Next >>
patches
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01325239
Version: 1
HPSBST02304 SSRT080003 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-001 to MS08-002
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-01-14
Last Updated: 2008-01-14
ESXi update for ntp and ESX Console OS (COS) updates for COS
kernel, openssl, krb5, gcc, bind, gzip, sudo.
2. Relevant releases
VMware ESX 4.0.0 without patches ESX400-201005401-SG,
ESX400-201005406-SG, ESX400-201005408-SG, ESX400-201005407-SG,
ESX400-201005405-SG, ESX400-201005409-SG
3. Problem Description
+------------------
The following Cisco Secure ACS versions are affected by this
vulnerability:
* Cisco Secure ACS version 5.1 with patch 3, 4, or 5 (or any
combination of these patches) installed and without patch 6 or
later installed
* Cisco Secure ACS version 5.2 without any patches installed
* Cisco Secure ACS version 5.2 with patch 1 or 2 (or both of these
patches) installed and without patch 3 or later installed
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerabilities. The archive files are listed in the tables below. The tables also list required patches. The patches will insure that NNM is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01287209
Version: 1
HPSBST02291 SSRT071498 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-061 and MS07-062
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-11-21
Last Updated: 2007-11-21
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0005
Synopsis: VMware Hosted products, VI Client and patches for ESX
and ESXi resolve multiple security issues
Issue date: 2009-04-03
Updated on: 2009-04-03 (initial release of advisory)
CVE numbers: CVE-2008-4916 CVE-2008-3761 CVE-2009-1146
CVE-2009-1147 CVE-2009-0909 CVE-2009-0910
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerabilities. The archive files are listed in the tables below. The tables also list required patches. The patches will insure that NNM is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01634640
Version: 1
HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-12-22
Last Updated: 2008-12-22
CVE-2009-0205 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerability.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks an anonymous researcher working with the iDefense VCP for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve these vulnerabilities.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve these vulnerabilities.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks JJ Reyes, Secunia Research for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
CVSS 2.0 Base Metrics
RESOLUTION
HP has made the following software patches available to resolve the vulnerability.
The patches can be downloaded from http://support.openview.hp.com/selfsolve/patches
Note: The patches require manal actions. Please refer to the patch documentation for installation instructions.
HP Enterprise Discovery Version 2.0 Patch Number HPED_00159
CVE-2008-0709 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following software patches to resolve the vulnerability.
The patches are available for download from http://support.openview.hp.com/selfsolve/patches
Note: To locate the patches on http://support.openview.hp.com/selfsolve/patches
1. set Product="select identity"
2. set Product version="All Versions"
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00727143
Version: 8
HPSBMA02133 SSRT061201 rev.8 - HP Oracle for OpenView (OfO) Critical Patch Update
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2006-07-19
Last Updated: 2008-04-16
ESX 3.5 Console OS (COS) updates for COS packages perl, krb5, samba,
tar, and cpio.
2. Relevant releases
VMware ESX 3.5 without patches ESX350-201008405-SG,
ESX350-201008407-SG, ESX350-201008410-SG, ESX350-201008411-SG,
ESX350-201008412-SG.
Notes:
Effective May 2010, VMware's patch and update release program during
ESX 3.5 Console OS (COS) updates for COS packages perl, krb5, samba,
tar, and cpio.
2. Relevant releases
VMware ESX 3.5 without patches ESX350-201008405-SG,
ESX350-201008407-SG, ESX350-201008410-SG, ESX350-201008411-SG,
ESX350-201008412-SG.
Notes:
Effective May 2010, VMware's patch and update release program during
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
The patches are available from http://support.openview.hp.com/selfsolve/patches
OV NNM v7.53
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
HP has made archive files available to resolve the vulnerabilities for NNM v7.01. The archive files are listed in the NNM v7.01 table below. The table also lists required patches. The patches will insure that NNM v7.01 is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0015
Synopsis: VMware hosted products and ESX patches resolve two
security issues
Issue date: 2009-10-27
Updated on: 2009-10-27 (initial release of advisory)
CVE numbers: CVE-2009-2267 CVE-2009-3733
- ------------------------------------------------------------------------
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2008-0016
Synopsis: VMware Hosted products, VirtualCenter Update 3 and
patches for ESX and ESXi resolve multiple security issues
Issue date: 2008-10-03
Updated on: 2008-10-03 (initial release of advisory)
CVE numbers: CVE-2008-4279 CVE-2008-4278 CVE-2008-3103
CVE-2008-3104 CVE-2008-3105 CVE-2008-3106
CVE-2008-3107 CVE-2008-3108 CVE-2008-3109
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00727143
Version: 7
HPSBMA02133 SSRT061201 rev.7 - HP Oracle for OpenView (OfO) Critical Patch Update
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2006-07-19
Last Updated: 2008-01-16
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0007
Synopsis: VMware Hosted products and ESX and ESXi patches
resolve security issues
Issue date: 2009-05-28
Updated on: 2009-05-28 (initial release of advisory)
CVE numbers: CVE-2009-1805 CVE-2009-0040 CVE-2008-1382
- ------------------------------------------------------------------------
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00727143
Version: 6
HPSBMA02133 SSRT061201 rev.6 - HP Oracle for OpenView (OfO) Critical Patch Update
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2006-07-19
Last Updated: 2007-10-24
VMware vShield Manager 4.1 Update 1
VMware vShield Manager 1.0 Update 1
VMware Update Manager 5.0
ESXi 5.0 without patches ESXi500-201203101-SG, ESXi500-201112402-BG
ESXi 4.1 without patch ESXi410-201110202-UG
ESXi 4.0 without patch ESXi400-201110402-BG
ESX 4.1 without patch ESX410-201110201-SG
ESX 4.0 without patch ESX400-201110401-SG
this IS NOT a plot to sell more Win7. Granted the marketing folks spun
this bulletin WAY WAY TOO much. It is what it is. I do believe the
architecture in XP just isn't there. It's a 10 year old platform that
sometimes you can't bolt on this stuff afterwards. Even in Vista, it's
not truly fixing the issue, merely making the system more resilient to
attacks. Read the fine print in the patch.. it's just making the system
kill a session and recover better.
I am not a fan of third party because you bring yourself outside the
support window of the product.
>> IS NOT a plot to sell more Win7. Granted the marketing folks spun
>> this bulletin WAY WAY TOO much. It is what it is. I do believe the
>> architecture in XP just isn't there. It's a 10 year old platform
>> that sometimes you can't bolt on this stuff afterwards. Even in
>> Vista, it's not truly fixing the issue, merely making the system more
>> resilient to attacks. Read the fine print in the patch.. it's just
>> making the system kill a session and recover better.
>>
>> I am not a fan of third party because you bring yourself outside the
>> support window of the product.
>>
The Hewlett-Packard Company thanks JJ Reyes, Secunia Research for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
The patches are available from http://support.openview.hp.com/selfsolve/patches
OV NNM v7.53
The Hewlett-Packard Company thanks Aaron Portnoy of TippingPoint DVLabs for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
The patches are available from http://support.openview.hp.com/selfsolve/patches
OV NNM v7.53
<<Previous Next>>
|
