| New User, Welcome! Login |
Next Page >>
Linux
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Affected Products:
Admin r8.1 SP2
Advantage Data Transformer r2.2
Allfusion Harvest Change Manager r7.1
CA ARCserve Backup for Unix r11.1, r11.5 GA/SP1/SP2/SP3
CA ARCserve Backup for Linux r11.1, r11.5 GA/SP1/SP2/SP3
CA Directory r8.1
CA Job Management Option R11.0
CA Single Sign-On r8.1
CleverPath Aion BPM r10.1, r10.2
EEM 8.1, 8.2, 8.2.1
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIuI98S2KysvBH1xkRCJp7AJ9Mq0+CEdoQRLzPLSRbv5OLqXqUHACfUSRt
bZpHL8qHcNwAiTVz6P3+W6E=
=PQ58
-----END PGP SIGNATURE-----
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x Windows 6.5.2 build 156735 or later
Workstation 6.5.x Linux not affected
Workstation 6.0.x Windows upgrade to at least 6.5.2
Workstation 6.0.x Linux not affected
Player 2.5.x Windows 2.5.2 build 156735 or later
Player 2.5.x Linux not affected
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIRs08S2KysvBH1xkRCMxFAJ0WJX76quFzCV+avwupq3Lu72UKigCfRftj
CZvxoXw/sZxDCSDjVzYAhrA=
=s04s
-----END PGP SIGNATURE-----
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMrfzLmqjQ0CJFipgRAlWrAJ9W37dJ1VpYi8HUhnkAhYJi18kMDQCgxkJd
p9xmqWyRgY2qDjcgaoA5TA8=
=Y/7/
-----END PGP SIGNATURE-----
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMmrogmqjQ0CJFipgRAn0bAJ0U1t4eD6lfvX9azRWYnBFzs6ipRQCeOycB
2WJFkldOVtFcyJcg/tky5Iw=
=exOo
-----END PGP SIGNATURE-----
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNhz4MmqjQ0CJFipgRAvQCAKCjxkVbvV6tX/dquf3yaHOxUm7IxQCfRY5g
q9TSPal83qlvFGa4p/Zm6kM=
=51Io
-----END PGP SIGNATURE-----
Player any any not affected
ACE any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux 2.0.2 build 203138 or later
Server 1.x Windows not affected
Server 1.x Linux 1.0.10 build 203137 or later
Fusion 2.x Mac OS/X not affected
Workstation for Windows 32-bit and 64-bit
Windows 32-bit and 64-bit .exe
md5sum: 8336586b9f9e5180d5279a0b988e82a6
sha1sum: ccdb6bcb867638e8f4f493bc02c6f70c5ebbb88e
For Linux
Workstation for Linux 32-bit
Linux 32-bit .rpm
md5sum: 69b039c848f6b2c94948928d8e9057bb
sha1sum: 37ca77ef550db932cf7b078fcbd6fa0155e3411e
Workstation for Windows 32-bit and 64-bit
Windows 32-bit and 64-bit .exe
md5sum: 8336586b9f9e5180d5279a0b988e82a6
sha1sum: ccdb6bcb867638e8f4f493bc02c6f70c5ebbb88e
For Linux
Workstation for Linux 32-bit
Linux 32-bit .rpm
md5sum: 69b039c848f6b2c94948928d8e9057bb
sha1sum: 37ca77ef550db932cf7b078fcbd6fa0155e3411e
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x Linux 7.1.2 Build 301548 or later
Workstation 7.x Windows not affected
Workstation 6.5.x any not affected
Player 3.1.x Linux 3.1.2 Build 301548 or later
Player 3.1.x Windows not affected
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAksMVEEACgkQ4B86/C0qfVmu6QCgh/YoAesyfRKwvTTQLuGs7jym
b6UAoNmMyUvhSwP2ZoUk3+PJAI7yJ2+A
=1+HK
-----END PGP SIGNATURE-----
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREIAAYFAkjmyjYACgkQS2KysvBH1xkdQQCfWgCAtw7u5nEaScAZheYn4Lea
4hUAnjhb/kF2O/QxnvlAzH22aCUOGRfj
=pwPz
-----END PGP SIGNATURE-----
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkyIYLcACgkQ4B86/C0qfVnz1QCgveZICKBeXxRlmAbL4cZvzgaq
mbIAoPqa1Ba0NueuwFSHxxrzX95YSyf3
=sbSc
-----END PGP SIGNATURE-----
remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
References: CVE-2008-1666, Oracle Critical Patch Update
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Oracle for OpenView (OfO) v8.1.7, v9.1.01, v9.2, v9.2.0, v10g, v10gR2 running on HP-UX, Tru64 UNIX, Linux, Solaris, and Windows.
BACKGROUND
Oracle is a registered U.S. trademark of the Oracle Corporation, Redwood City, California.
remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
References: Oracle Critical Patch Update - April 2008
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Oracle for OpenView (OfO) v8.1.7, v9.1.01, v9.2, v9.2.0, v10g, v10gR2 running on HP-UX, Tru64 UNIX, Linux, Solaris, and Windows.
BACKGROUND
Oracle is a registered U.S. trademark of the Oracle Corporation, Redwood City, California.
remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
References: Oracle Critical Patch Update - January 2008
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Oracle for OpenView (OfO) v8.1.7, v9.1.01, v9.2, v9.2.0, v10g, v10gR2 running on HP-UX, Tru64 UNIX, Linux, Solaris, and Windows.
BACKGROUND
Oracle is a registered U.S. trademark of the Oracle Corporation, Redwood City, California.
Oracle has issued Critical Patch Update - January 2008. For more information:
remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
References: Oracle Critical Patch Update - October 2007
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- ->Oracle for OpenView (OfO) v8.1.7, v9.1.01, v9.2, v9.2.0, v10g, v10gR2 running on HP-UX, Tru64 UNIX, Linux, Solaris, and Windows.
BACKGROUND
Oracle is a registered U.S. trademark of the Oracle Corporation, Redwood City, California.
I've released an exploit for the Linux sock_sendpage() NULL pointer
dereference[1], discovered by Tavis Ormandy and Julien Tinnes. This exploit
was written to illustrate the exploitability of this vulnerability on
Power/Cell BE architecture.
The exploit makes use of the SELinux and the mmap_min_addr problem to exploit
this vulnerability on Red Hat Enterprise Linux 5.3 and CentOS 5.3. The
problem, first noticed by Brad Spengler, was described by Red Hat in Red Hat
Knowledgebase article: Security-Enhanced Linux (SELinux) policy and the
mmap_min_addr protection[2].
Potential Security Impact: Local Denial of Service (DoS), execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Data Protector Express 3.x and 4.x and HP Data Protector Express Single Server Edition (SSE) 3.x and 4.x running on supported Microsoft Windows, Linux, and NetWare versions. The vulnerability could be exploited locally to create a Denial of Service (DoS) or to execute arbitrary code.
References: CVE-2009-0714
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Data Protector Express 3.x and HP Data Protector Express SSE 3.x prior to build 47065
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIQFCVS2KysvBH1xkRCAnIAJ0SuIABL0Y0t8Wo2gcBRlhp3w82UACdH8f/
IM84mlV6oiPxg+XGGUVRyeI=
=/czP
-----END PGP SIGNATURE-----
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv
Cv8MnL2bYPyDfYQ3f4IUL+w=
=tFXS
-----END PGP SIGNATURE-----
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.3 Build 185404 or later
Workstation 6.5.x Windows 6.5.3 build 185404 or later
Workstation 6.5.x Linux not affected
Player 2.5.x Windows 2.5.3 build 185404 or later
Player 2.5.x Linux not affected
ACE 2.5.x any not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKORHLmqjQ0CJFipgRAnzRAJ9w1CGojCsYdG001OcNmQuVonRkrwCeNMpH
bzIigZKDE4V8120vojufik8=
=cJ+u
-----END PGP SIGNATURE-----
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIUUaemqjQ0CJFipgRAq8MAKDRSZia21nimuYHF0gYgofiAHW1BgCfdp0B
27SckAKfnjvGBBvLnjp6vK0=
=yel9
-----END PGP SIGNATURE-----
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk3K3lwACgkQ4B86/C0qfVl4jQCfcwG/w+oo0+4a9nkxMV6YoUbx
rJcAn3jkHAT5Yi1Gp0O4XnY75GjB4GkQ
=/gOQ
-----END PGP SIGNATURE-----
Potential security vulnerabilities have been identified with HP Serviceguard Manager B8325BA (Stand alone). These vulnerabilities can be exploited remotely to allow execution of arbitrary code and to create a Denial of Service (DoS).
References: CVE-2008-5349, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Serviceguard Manager Releases A.05.00, A.05.01, and A.05.02 running on HP-UX, Linux and Windows
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Next Page>>
|
|
|
