Vulnerabilities in Samba affect IBM Spectrum Scale SMB protocol access method that: – could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free memory error (CVE-2017-14746) – could allow a remote attacker to obtain sensitive information, caused by a heap memory information leak (CVE-2017-15275)
CVE(s): CVE-2017-15275, CVE-2017-14746
Affected product(s) and affected version(s):
IBM Spectrum Scale 5.0.0.0
IBM Spectrum Scale 4.2.0.0 through 4.2.3.6
IBM Spectrum Scale 4.1.1.0 through 4.1.1.18
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ssg1S1012067
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135221
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135222
The post IBM Security Bulletin: Vulnerabilities in Samba affect IBM Spectrum Scale SMB protocol access method (CVE-2017-14746, CVE-2017-15275) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2FhES1Q
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.