
management

CA DSM gui_cm_ctrls ActiveX Control Vulnerability

web browser.


Mitigating Factors: For BrightStor ARCserve Backup for Laptops & 
Desktops, only the server installation is affected. Client 
installations are not affected. For CA Desktop Management Suite, 
Unicenter Desktop Management Bundle, Unicenter Asset Management, 
Unicenter Software Delivery and Unicenter Remote Control, only the 
Managers and DSM Explorers are affected. Scalability Servers and 
Agents are not affected.


CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability

browser. The vulnerability, CVE-2008-1472, is due to insufficient 
bounds checking on the ListCtrl AddColumn function.

Mitigating Factors: For BrightStor ARCserve Backup for Laptops & 
Desktops, only the server installation is affected. Client 
installations are not affected. For CA Desktop Management Suite, 
Unicenter Desktop Management Bundle, Unicenter Asset Management, 
Unicenter Software Delivery and Unicenter Remote Control, only the 
Managers and DSM Explorers are affected. Scalability Servers and 
Agents are not affected. 


Hopeless comments regarding the pointless "HP System Management Homepage (SMH) Unspecified XSS"

=====================================================================================
Hopeless comments regarding the pointless 
"HP System Management Homepage (SMH) Unspecified XSS"

August 25, 2008

=====================================================================================
[Overview]

Since HP does not provide technical details in its security bulletins, it is really

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

|-------------------------------------+--------------+--------------|
|                                     | All versions | All versions |
| Crafted SSH Packet Vulnerability    | prior to A3  | prior to A2  |
|                                     | (2.1)        | (1.3)        |
|-------------------------------------+--------------+--------------|
| Crafted Simple Network Management   | All versions | All versions |
| Protocol version 2 (SNMPv2) Packet  | prior to A3  | prior to A2  |
| Vulnerability                       | (2.1)        | (1.3)        |
|-------------------------------------+--------------+--------------|
|                                     | All versions | All versions |
| Crafted SNMPv3 Packet Vulnerability | prior to A1  | prior to A2  |

CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management

CA20090806-02: Security Notice for Unicenter Asset Portfolio
Management, Unicenter Desktop and Server Management, Unicenter
Patch Management

Issued: August 6, 2009

CA's technical support is alerting customers to a security risk with
Unicenter Asset Portfolio Management, Unicenter Desktop and Server
Management, and Unicenter Patch Management. The release of Tomcat as
included with the products is potentially susceptible to a cross-site

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent

+---------------------------------------------------------------------

Summary
=======

The Management Center for Cisco Security Agents is affected by a
directory traversal vulnerability and a SQL injection vulnerability.
Successful exploitation of the directory traversal vulnerability may
allow an authenticated attacker to view and download arbitrary files
from the server hosting the Management Center. Successful
exploitation of the SQL injection vulnerability may allow an

[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02029444
Version: 1

HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2010-04-20
Last Updated: 2010-04-20

CA20091008-01: Security Notice for CA Anti-Virus Engine

CA Internet Security Suite 2007 (v3)
CA Internet Security Suite 2008
CA Internet Security Suite Plus 2008
CA Internet Security Suite Plus 2009
CA Threat Manager for the Enterprise (formerly eTrust Integrated 
   Threat Management) r8
CA Threat Manager for the Enterprise (formerly eTrust Integrated 
   Threat Management) 8.1
CA Threat Manager Total Defense
CA Gateway Security r8.1
CA Protection Suites r2

Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities



Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities

Advisory ID: cisco-sa-20110720-sa500

Revision 1.0


[security bulletin] HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02000727
Version: 1

HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2010-02-03
Last Updated: 2010-02-03

[security bulletin] HPSBMA02438 SSRT090092 rev.1 - HP ProLiant DL/ML 100 Series G5/G6 Servers with ProLiant Onboard Administrator Powered by LO100i, Remote Denial of Service (DoS)

A potential vulnerability has been identified with certain HP ProLiant DL/ML 100 Series G5/G6 Servers with ProLiant Onboard Administrator Powered by LO100i. The vulnerability could be exploited remotely to create a Denial of Service (DoS). The HP ProLiant Onboard Administrator Powered by LO100i was formerly known as HP Lights Out 100.

References: CVE-2009-1426

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Any of the following ProLiant DL/ML100 G5/G6-Series servers with Lights-Out 100 Remote Management Firmware Version 3.07 or earlier:

HP ProLiant DL120 G5 Server series
HP ProLiant DL160 G5 Server series
HP ProLiant DL160 G6 Server series
HP ProLiant DL160 G5p Server series

Cisco Security Advisory: Default Passwords in the Application Velocity System

Vulnerable Products
+------------------

This vulnerability affects the Cisco AVS 3110, 3120, 3180, and 3180A
Management Station appliances that are running software versions prior
to AVS 5.1.0. Administrators can determine the software version of the
AVS appliances by logging in to the Management Station web-based user
interface or from the command-line interface (CLI) of the appliance
operating system.


CVE-2011-2664 Symlink Following and Second-Order Symlink Vulnerabilities in Multiple Check Point Security Management Products

=======================================================================
              title: Symlink Following and Second-Order Symlink
Vulnerabilities in Multiple Check Point Security Management Products
            product: Check Point Security Management
                        * Multi-Domain Security Management / Provider-1
                        * SmartCenter
 vulnerable version: multiple products, see sections below
      fixed version: multiple products, see sections below
         CVE number: CVE-2011-2664
             impact: high

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

The following CiscoWorks products with the default Common Services
installed are affected by this vulnerability, due to their underlying
Common Services version:

  * CiscoWorks LAN Management Solution

    +---------------------------------------------------------------+
    | LAN Management Solution Versions   | Common Services Versions |
    |------------------------------------+--------------------------|
    | Prior to 3.2 on Microsoft Windows  | Various                  |

[security bulletin] HPSBMA02534 SSRT090180 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02171256
Version: 1

HPSBMA02534 SSRT090180 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2010-05-17
Last Updated: 2010-05-17

[security bulletin] HPSBMA02275 SSRT071445 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01183597
Version: 1

HPSBMA02275 SSRT071445 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2007-10-03
Last Updated: 2007-10-03

Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities

These vulnerabilities can be exploited using sessions to the Services
Ready Platform Configuration Utility web interface. These
vulnerabilities could be exploited from the local LAN side of the SRP
device by default configuration and the WAN side of the SRP device if
remote management is enabled.  Remote management is disabled by
default.

Cisco has released free software updates that address these
vulnerabilities.


CORE-2010-0104 - LANDesk OS command injection

3. *Vulnerability Description*

The LANDesk division of Avocent Corporation [1] provides systems
management, security management, service desk, asset management, and
process management solutions to organizations. The company's software
is used worldwide.

A security vulnerability was discovered in LANDesk Management Suite: a
cross-site request forgery which allows an external remote attacker to

[security bulletin] HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01530663
Version: 1

HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-08-18
Last Updated: 2008-08-18

CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities

Title: CA ARCserve Backup for Laptops and Desktops Server and CA 
Desktop Management Suite Multiple Vulnerabilities

CA Advisory Date: 2008-04-03

Reported By: Dyon Balding of Secunia Research

Impact: A remote attacker can execute arbitrary code or cause a 
denial of service condition.

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability

| Cisco Unified Service Monitor | 2.0.1            | 3.0.5          |
|-------------------------------+------------------+----------------|
| CiscoWorks QoS Policy Manager | 4.0, 4.0.1, and  | 3.0.5          |
|                               | 4.0.2            |                |
|-------------------------------+------------------+----------------|
| CiscoWorks LAN Management     | 2.6 Update       | 3.0.5          |
| Solution                      |                  |                |
|-------------------------------+------------------+----------------|
| CiscoWorks LAN Management     | 3.0              | 3.1            |
| Solution                      |                  |                |
|-------------------------------+------------------+----------------|

[security bulletin] HPSBMA02661 SSRT100408 rev.3 - HP SNMP Agents Running on Linux and HP Insight Management Agents Running on Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02735590
Version: 3

HPSBMA02661 SSRT100408 rev.3 - HP SNMP Agents Running on Linux and HP Insight Management Agents Running on Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2011-04-19
Last Updated: 2011-05-11

[G-SEC 46-2009] Computer Associates multiple products arbitrary code execution

CA Internet Security Suite 2007 (v3)
CA Internet Security Suite 2008
CA Internet Security Suite Plus 2008
CA Internet Security Suite Plus 2009
CA Threat Manager for the Enterprise (formerly eTrust Integrated 
   Threat Management) r8
CA Threat Manager for the Enterprise (formerly eTrust Integrated 
   Threat Management) 8.1
CA Threat Manager Total Defense
CA Gateway Security r8.1
CA Protection Suites r2

[security bulletin] HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01632189
Version: 1

HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-12-17
Last Updated: 2008-12-17

[security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01634640
Version: 1

HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-12-22
Last Updated: 2008-12-22

[security bulletin] HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01606691
Version: 1

HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-11-17
Last Updated: 2008-11-17

[security bulletin] HPSBST02379 SSRT080143 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-056 to MS08-066

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01579861
Version: 1

HPSBST02379 SSRT080143 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-056 to MS08-066

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-10-20
Last Updated: 2008-10-20

[security bulletin] HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01560892
Version: 1

HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-09-24
Last Updated: 2008-09-24

HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01503743
Version: 1

HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-07-14
Last Updated: 2008-07-14

[security bulletin] HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01482941
Version: 1

HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-06-17
Last Updated: 2008-06-17


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
