Kod više HP proizvoda (HP Integrity Server rx2800 i2, BL860c i2, BL870c i2, BL890c i2) uočeni su nedostaci koje potencijalni napadači mogu iskoristiti za DoS napad.
Paket:
HP Integrity Blade Server bl860c, HP Integrity Blade Server bl870c, HP Integrity Blade Server bl890c, HP Integrity Server rx2800
Operacijski sustavi:
HP-UX 11.x, Microsoft Windows Server 2008
Kritičnost:
6.3
Problem:
nespecificirana pogreška
Iskorištavanje:
lokalno/udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2012-3247
Izvorni ID preporuke:
HPSBHF02804
Izvor:
Hewlett Packard
Problem:
Detalji o problemima nisu poznati.
Posljedica:
Zlonamjeran napadač može iskoristiti propuste kako izveo napad uskraćivanjem usluga (eng. Denial of Service, DoS).
Rješenje:
Rješenje problema sigurnosti je primjena dostupnih nadogradnji.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03450553
Version: 1
HPSBHF02804 SSRT100631 rev.1 - HP Integrity Server rx2800 i2, BL860c i2, BL870c i2, BL890c i2, Potential Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-08-13
Last Updated: 2012-08-13
Potential Security Impact: Denial of service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Integrity Server models rx2800 i2, BL860c i2, BL870c i2, BL890c i2.The vulnerability could be exploited to cause a Denial of Service (DoS).
References: CVE-2012-3247
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Integrity Server BL860c i2, BL870c i2, BL890c i2 firmware v26.11 and earlier running HP-UX , Microsoft Windows Server 2008 R2, NonStop Operating System, or OpenVMS v8.4
HP Integrity Server rx2800 i2 firmware HP-UX 11.31 (IA) firmware v26.21 and earlier running, HP-UX Microsoft Windows Server 2008 R2, NonStop Operating System, OpenVMS v8.4
BACKGROUND
For a PGP signed version of this security bulletin please write to: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
CVSS 2.0 Base Metrics
Reference
Base Vector
Base Score
CVE-2012-3247
(AV:L/AC:M/Au:M/C:C/I:C/A:C)
6.3
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided system firmware updates for HP Integrity Server models rx2800 i2, BL860c i2, BL870c i2, BL890c i2.
Integrity Server
Firmware version to resolve this issue
rx2800 i2
26.30 or later
bl860 i2
26.31 or later
bl870 i2
26.31 or later
bl890 i2
26.31 or later
For the rx2800 i2:
Goto www.hp.com
Click on support & drivers
Click on Drivers & Software and then search for 'rx2800 i2'
Select the appropriate server model
Click on Cross operating system (BIOS, Firmware, Diagnostics, etc.)
Click on firmware â
Posljednje sigurnosne preporuke