[Vms.sig-hu] Fw: OpenVMS Security Advisories
Fodor Zsuzsa
fodor31 at freemail.hu
2011. Május. 20., P, 09:06:02 CEST
Ezt is megértük... DoS támadás VMS alatt :-O FZs
----------Eredeti üzenet----------Dátum:2011. május 19., csütörtök, 19:33:46
Feladó:Brad McCusker
Tárgy:OpenVMS Security Advisories
Címzett:fodor31 at freemail.hu
Dear OpenVMS Customers,
Software Concepts International would like to make you aware of some recently released Security Advisories for OpenVMS Systems. On May 5, 2011 the Hewlett-Packard (HP) Software Security Response Team announced the following potential security vulnerabilities with specific layered products running on OpenVMS. If you are using any of the affected products, please follow the SCI recommendations at the end of this e-mail.
Advisories
Java
Various versions are affected:
Major Version Platform Affected Minor Versions
J2SE 1.42 Alpha v 1.42-9 and earlier
J2SE 1.42 I64 v 1.42-6 and earlier
J2SE 5.0 Alpha v 1.50-7 and earlier
J2SE 5.0 I64 v 1.50-6 and earlier
Java SE 6 Alpha & I64 v 6.0-2 and earlier
This vulnerability could be remotely exploited to create a Denial of Service (DoS). Read full HP security bulletin (HP ITRC Login Required) or see our web site for more information.
Kerberos
Versions Affected: v3.1 and earlier
This vulnerability could be remotely exploited to create a Denial of Service (DoS) or execution of arbitrary code, or by a remote unauthorized user to modify data, prompts, or responses. Read full HP security bulletin (HP ITRC Login Required) or see our web site for more information.
HP SSL for OpenVMS
Versions Affected: v1.4 and earlier
This vulnerability could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses. Read full HP security bulletin (HP ITRC Login Required) or see our web site for more information.
HP Secure Web Server (SWS) for OpenVMS (based on Apache)
Versions Affected: v2.1-1 and earlier
This vulnerability could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Read full HP security bulletin (HP ITRC Login Required) or see our web site for more information
Next Steps
SCI Remote System Management Customers: Your Technical Account Manager (TAM) has already contacted you regarding these vulnerabilities.
All Others: Patches are available for download at http://itrc.hp.com, or contact SCI for assistance in installing these patches.
About SCI
In business for more than 24 years, Software Concepts International (SCI) is a world leader in providing remote OpenVMS database administration, remote system management, and full VAX/Alpha to Integrity migration services.
Our clients are located around the world and they are typical OpenVMS customers - running mission critical applications (often times with Oracle Rdb or Oracle CODASYL DBMS). They struggled to find, hire, and retain qualified, knowledgeable, affordable support staff, a struggle which led them to seek more cost effective database administration or system management solutions. SCI´s services provide the ongoing, day-to-day management and support for mission-critical systems and databases, worldwide. We have the responsibility, tools and expertise to manage your systems and databases for maximum availability and performance. Our services are provided through a combination of customized tools installed on supported systems, software running on servers at SCI´s headquarters, and leading OpenVMS experts (averaging over 20 years experience) to monitor the environments.
Brad McCusker
Software Concepts International, LLC
402 Amherst Street, Suite 300
Nashua, NH 03063
Tel: +1 (603) 879-9022 x120
FAX: +1 (603) 879-9023
www.sciinc.com
Twitter: http://twitter.com/SoftwareConcept
====================================
As always, please let me know if you prefer not to receive these e-mails from me. For more information regarding SCI's privacy policy or to obtain contact information, please see our privacy statement http://www.sciinc.com/privacy.asp
--------- következő rész ---------
Egy csatolt HTML állomány át lett konvertálva...
URL: http://omega.ttk.pte.hu/pipermail/vms.sig-hu/attachments/20110520/ad057a97/attachment.htm
További információk a(z) VMS.SIG-hu levelezőlistáról