Multiple Security vulnerabilities in IBM NAS(kerberos)

IBM SECURITY ADVISORY First Issued : Thu May 21 05:06:05 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/nas_advisory3.asc https://aix.software.ibm.com/aix/efixes/security/nas_advisory3.asc ftp://aix.software.ibm.com/aix/efixes/security/nas_advisory3.asc =============================================================================== VULNERABILITY SUMMARY 1.VULNERABILITY: AIX NAS denial of service vulnerability PLATFORMS: AIX 5.3, 6.1 and 7.1 VIOS 2.2.* SOLUTION: Apply the fix as described below. THREAT: See below CVE Numbers:…

Read More

Security Bulletin: Power Hardware Management Console is affected by security vulnerabilities in Kerberos (CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423)

Security Bulletin Summary Power Hardware Management Console is affected by security vulnerabilities in Kerberos. Vulnerability Details CVE-ID: CVE-2014-4341 DESCRIPTION: MIT Kerberos is vulnerable to a denial of service, caused by a NULL pointer dereference. By injecting invalid tokens into a GSSAPI application session, a remote attacker could exploit this vulnerability to cause the application to…

Read More