ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Privilege escalation bug

2015-02-25 12:48:38
Subject: Re: [ADSM-L] Privilege escalation bug
From: Skylar Thompson <skylar2 AT U.WASHINGTON DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 25 Feb 2015 09:46:21 -0800 
That is my assumption as well. Fortunately IBM has started renewing Solaris
x86 clients again.

On Wed, Feb 25, 2015 at 12:11:39PM -0500, Zoltan Forray wrote:
> Does not specifically say if it includes SOLARIS (only says "*UNIX, Linux,
> and OS X allows local users to gain privileges via unspecified vectors.*").
> Do I assume since it says "UNIX" SOLARIS is includes?  We have some old
> Domino Solaris boxes (supposed to go away some time soon....) still running
> 6.1.3....
>
>
>
> On Wed, Feb 25, 2015 at 10:56 AM, Thomas Denier <Thomas.Denier AT jefferson 
> DOT edu
> > wrote:
>
> > I received a security bulletin from IBM yesterday regarding "Tivoli
> > Storage Manager Stack-based Buffer Overflow Elevation of Privilege:
> > CVE-2014-6184". The affected version/release combinations listed in the
> > bulletin run from 5.4 to 6.3. We still have one Linux system with 5.3
> > client code. Can I treat the list of affected releases as an explicit
> > assurance that the 5.3 client does not have the vulnerability discussed in
> > the bulletin? The alternative possibility that worries me is that 5.4 is
> > the oldest level IBM thought it worthwhile to check.
> >
> > Thomas Denier
> > Thomas Jefferson University
> > The information contained in this transmission contains privileged and
> > confidential information. It is intended only for the use of the person
> > named above. If you are not the intended recipient, you are hereby notified
> > that any review, dissemination, distribution or duplication of this
> > communication is strictly prohibited. If you are not the intended
> > recipient, please contact the sender by reply email and destroy all copies
> > of the original message.
> >
> > CAUTION: Intended recipients should NOT use email communication for
> > emergent or urgent health care matters.
> >
>
>
>
> --
> *Zoltan Forray*
> TSM Software & Hardware Administrator
> Hobbit / Xymon Administrator
> Virginia Commonwealth University
> UCC/Office of Technology Services
> zforray AT vcu DOT edu - 804-828-4807
> Don't be a phishing victim - VCU and other reputable organizations will
> never use email to request that you reply with your password, social
> security number or confidential personal information. For more details
> visit http://infosecurity.vcu.edu/phishing.html

--
-- Skylar Thompson (skylar2 AT u.washington DOT edu)
-- Genome Sciences Department, System Administrator
-- Foege Building S046, (206)-685-7354
-- University of Washington School of Medicine
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Privilege escalation bug, Zoltan Forray
Next by Date:  Re: [ADSM-L] Privilege escalation bug, Thomas Denier
Previous by Thread:  Re: [ADSM-L] Privilege escalation bug, Zoltan Forray
Next by Thread:  Re: [ADSM-L] Privilege escalation bug, Thomas Denier
Indexes:  [Date] [Thread] [Top] [All Lists]