[Vms.sig-hu] Fw: OpenVMS Security Advisories

[Fodor Zsuzsa]

Ezt is megértük... DoS támadás VMS alatt   :-O FZs

----------Eredeti üzenet----------Dátum:2011. május 19., csütörtök, 19:33:46
Feladó:Brad McCusker 
Tárgy:OpenVMS Security Advisories
Címzett:fodor31 at freemail.hu
 
Dear OpenVMS Customers,
Software Concepts International would like to make you aware of some recently released Security Advisories for OpenVMS Systems.  On May 5, 2011 the Hewlett-Packard (HP) Software Security Response Team announced the following potential security vulnerabilities with specific layered products running on OpenVMS.  If you are using any of the affected products, please follow the SCI recommendations at the end of this e-mail.
Advisories 
Java 
Various versions are affected: 
Major Version                Platform           Affected Minor Versions         
J2SE 1.42                     Alpha                v 1.42-9 and earlier
J2SE 1.42                     I64                    v 1.42-6 and earlier
J2SE 5.0                       Alpha                v 1.50-7 and earlier
J2SE 5.0                       I64                    v 1.50-6 and earlier
Java SE 6                     Alpha & I64       v 6.0-2 and earlier 
This vulnerability could be remotely exploited to create a Denial of Service (DoS).  Read full HP security bulletin (HP ITRC Login Required) or  see our web site for more information.
 
Kerberos 
Versions Affected: v3.1 and earlier 
This vulnerability could be remotely exploited to create a Denial of Service (DoS) or execution of arbitrary code, or by a remote unauthorized user to modify data, prompts, or responses.  Read full HP security bulletin (HP ITRC Login Required) or  see our web site for more information.
 
HP SSL for OpenVMS 
Versions Affected: v1.4 and earlier 
This vulnerability could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses.  Read full HP security bulletin (HP ITRC Login Required) or  see our web site for more information.
 
 HP Secure Web Server (SWS) for OpenVMS (based on Apache) 
Versions Affected: v2.1-1 and earlier 
This vulnerability could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.   Read full HP security bulletin (HP ITRC Login Required) or  see our web site for more information
Next Steps

SCI Remote System Management Customers: Your Technical Account Manager (TAM) has already contacted you regarding these vulnerabilities.
 
All Others:  Patches are available for download at  http://itrc.hp.com, or  contact SCI for assistance in installing these patches.
About SCI
In business for more than 24 years, Software Concepts International (SCI) is a world leader in providing remote OpenVMS database administration, remote system management, and full VAX/Alpha to Integrity migration services.  
Our clients are located around the world and they are typical OpenVMS customers - running mission critical applications (often times with Oracle Rdb or Oracle CODASYL DBMS). They struggled to find, hire, and retain qualified, knowledgeable, affordable support staff, a struggle which led them to seek more cost effective database administration or system management solutions.  SCI´s services provide the ongoing, day-to-day management and support for mission-critical systems and databases, worldwide.  We have the responsibility, tools and expertise to manage your systems and databases for maximum availability and performance.  Our services are provided through a combination of customized tools installed on supported systems, software running on servers at SCI´s headquarters, and leading OpenVMS experts (averaging over 20 years experience) to monitor the environments.
Brad McCusker 
Software Concepts International, LLC
402 Amherst Street, Suite 300
Nashua, NH 03063
Tel: +1 (603) 879-9022 x120
FAX: +1 (603) 879-9023 
 www.sciinc.com
Twitter:  http://twitter.com/SoftwareConcept
====================================
As always, please let me know if you prefer not to receive these e-mails from me.  For more information regarding SCI's privacy policy or to obtain contact information, please see our privacy statement  http://www.sciinc.com/privacy.asp 
--------- következő rész ---------
Egy csatolt HTML állomány át lett konvertálva...
URL: http://omega.ttk.pte.hu/pipermail/vms.sig-hu/attachments/20110520/ad057a97/attachment.htm