HP-UX: CVE-2014-0411: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:H/Au:N/C:P/I:P/A:N) | January 15, 2014 | August 11, 2017 | January 08, 2018 |
Description
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
Solution
hpux-update-jdk70-jdk70-comRelated Vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2013-5891
- FreeBSD: puppet27 and puppet -- multiple vulnerabilities (Multiple CVEs)
- SUSE: CVE-2014-0428: SUSE Linux Security Advisory
- Sun Patch: SunOS 5.10: RPC patch
- SUSE: CVE-2014-0433: SUSE Linux Security Advisory
- Gentoo Linux: CVE-2014-0433: MySQL: Multiple vulnerabilities
- Oracle MySQL Vulnerability: CVE-2014-0420
- SUSE: CVE-2014-0387: SUSE Linux Security Advisory
- Gentoo Linux: CVE-2013-5905: Oracle JRE/JDK: Multiple vulnerabilities
- HP-UX: CVE-2014-0424: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs)
- Cent OS: CVE-2014-0422: CESA-2014:0097 (java-1.6.0-openjdk)
- Gentoo Linux: CVE-2014-0407: VirtualBox: Multiple Vulnerabilities
- Java CPU January 2014 Java SE Deployment vulnerability (CVE-2014-0387)
- Oracle MySQL Vulnerability: CVE-2014-0393
- Gentoo Linux: CVE-2013-5906: Oracle JRE/JDK: Multiple vulnerabilities
- HP-UX: CVE-2013-5898: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- Sun Patch: SunOS 5.8: ps command patch
- Java CPU January 2014 Java SE, JRockit, Java SE Embedded 2D vulnerability (CVE-2013-5907)
- Oracle Solaris 11: CVE-2013-5821 (11.1 SRU 2.5.0)
- Gentoo Linux: CVE-2013-5907: Oracle JRE/JDK: Multiple vulnerabilities
- Sun Patch: SunOS 5.9: rpc.rusersd Patch
- SUSE Linux Security Vulnerability: CVE-2013-1654
- RHSA-2013:1135: nss and nspr security, bug fix, and enhancement update
- RHSA-2014:0136: java-1.5.0-ibm security update
- Cent OS: CVE-2014-0423: CESA-2014:0097 (java-1.6.0-openjdk)
- SUSE Linux Security Vulnerability: CVE-2013-1862
- Gentoo Linux: CVE-2007-0008: Mozilla Network Security Service: Remote execution of arbitrary code
- Gentoo Linux: CVE-2013-5893: Oracle JRE/JDK: Multiple vulnerabilities
- Java CPU January 2014 Java SE, JavaFX, Java SE Embedded 2D vulnerability (CVE-2014-0417)
- Cent OS: CVE-2013-5893: CESA-2014:0027 (java-1.7.0-openjdk)
- Java CPU January 2014 Java SE Serviceability vulnerability (CVE-2014-0373)
- Sun Patch: SunOS 5.10_x86: Oracle Java Web Console 3.1 Patch
- Gentoo Linux: CVE-2014-0385: Oracle JRE/JDK: Multiple vulnerabilities
- Gentoo Linux: CVE-2013-5898: Oracle JRE/JDK: Multiple vulnerabilities
- RHSA-2013:1133: httpd security update
- RHSA-2013:1207: Red Hat JBoss Enterprise Application Platform 6.1.1 update
- HP-UX: CVE-2014-0373: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- Apache Struts DefaultActionMapper OGNL arbitrary command execution (CVE-2013-2251)
- Sun Patch: SunOS 5.9: Asian SunOS 4.x Binary Compatibility(BCP) patch
- Apache Tomcat: Important: Denial of service (CVE-2012-3544)
- Gentoo Linux: CVE-2014-0404: VirtualBox: Multiple Vulnerabilities
- Java CPU January 2014 Java SE Install vulnerability (CVE-2013-5906)
- Amazon Linux AMI: Security patch for httpd (ALAS-2013-193) (multiple CVEs)
- RHSA-2013:1011: Red Hat JBoss Web Server 2.0.1 update
- Gentoo Linux: CVE-2014-0431: MySQL: Multiple vulnerabilities
- Oracle Solaris 11: CVE-2013-1620: Vulnerability in NSS
- HP-UX: CVE-2014-0375: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- Sun Patch: SunOS 5.9_x86: rpc.rusersd Patch
- Cent OS: CVE-2014-0376: CESA-2014:0097 (java-1.6.0-openjdk)
- IBM AIX: java_jan2014_advisory (CVE-2014-0423): Vulnerability in IBM Java SDK affects AIX
- Cent OS: CVE-2014-0373: CESA-2014:0097 (java-1.6.0-openjdk)
- FreeBSD: puppet26 -- multiple vulnerabilities (Multiple CVEs)
- Sun Patch: SunOS 5.8_x86: rpc.rusersd Patch
- FreeBSD: virtualbox-ose -- local vulnerability (CVE-2013-5892)
- Apache Struts: S2-016 (CVE-2013-2251): Security updates available for Apache Struts
- SUSE Linux Security Vulnerability: CVE-2012-3499
- RHSA-2007:0097: firefox security update
- F5 Networks: K16385 (CVE-2013-5882): Multiple MySQL vulnerabilities
- Gentoo Linux: CVE-2013-5899: Oracle JRE/JDK: Multiple vulnerabilities
- IBM AIX: java_jan2014_advisory (CVE-2013-5887): Vulnerability in IBM Java SDK affects AIX
- IBM AIX: java_jan2014_advisory (CVE-2014-0403): Vulnerability in IBM Java SDK affects AIX
- HP-UX: CVE-2013-5889: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- HP-UX: CVE-2013-5907: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- Oracle MySQL Vulnerability: CVE-2013-5908
- Gentoo Linux: CVE-2014-0387: Oracle JRE/JDK: Multiple vulnerabilities
- Java CPU January 2014 Java SE Deployment vulnerability (CVE-2014-0415)
- F5 Networks: K16385 (CVE-2013-5891): Multiple MySQL vulnerabilities
- Oracle Solaris 11: CVE-2013-2924: Vulnerability in Localization (L10N)
- Gentoo Linux: CVE-2013-2067: Apache Tomcat: Multiple vulnerabilities
- Gentoo Linux: CVE-2014-0410: Oracle JRE/JDK: Multiple vulnerabilities
- IBM AIX: java_jan2014_advisory (CVE-2014-0410): Vulnerability in IBM Java SDK affects AIX
- Gentoo Linux: CVE-2014-0428: Oracle JRE/JDK: Multiple vulnerabilities
- Gentoo Linux: CVE-2014-0427: MySQL: Multiple vulnerabilities
- Oracle MySQL Vulnerability: CVE-2014-0412
- Oracle Database: Critical Patch Update - January 2014 (CVE-2014-0377)
- Sun Patch: SunOS 5.9: Apache Security Patch
- Amazon Linux AMI: Security patch for nspr (ALAS-2013-266) (multiple CVEs)
- RHSA-2014:0027: java-1.7.0-openjdk security update
- HP-UX: CVE-2013-1862: Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
- F5 Networks: K16389 (CVE-2014-0412): Multiple MySQL vulnerabilities
- Gentoo Linux: CVE-2014-0368: Oracle JRE/JDK: Multiple vulnerabilities
- RHSA-2014:0134: java-1.7.0-ibm security update
- Java CPU January 2014 Java SE, Java SE Embedded CORBA vulnerability (CVE-2013-5896)
- IBM AIX: java_jan2014_advisory (CVE-2014-0411): Vulnerability in IBM Java SDK affects AIX
- ELSA-2013-0964 Moderate: Oracle Linux tomcat6 security update
- Gentoo Linux: CVE-2013-1862: Apache HTTP Server: Multiple vulnerabilities
- CESA-2007:0079: Firefox security update
- Cent OS: CVE-2012-4558: CESA-2013:0815 (httpd)
- Java CPU January 2014 Java SE, JavaFX JavaFX vulnerability (CVE-2013-5895)
- Java CPU January 2014 Java SE Deployment vulnerability (CVE-2014-0418)
- HP-UX: CVE-2014-0368: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- Apache Struts: S2-015 (CVE-2013-2135): Security updates available for Apache Struts
- FreeBSD: apache22 -- several vulnerabilities (Multiple CVEs)
- HP-UX: CVE-2013-5899: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
- F5 Networks: K16389 (CVE-2014-0402): Multiple MySQL vulnerabilities
- Java CPU January 2014 Java SE Install vulnerability (CVE-2014-0385)
- IBM AIX: java_jan2014_advisory (CVE-2013-5878): Vulnerability in IBM Java SDK affects AIX
- SUSE Linux Security Vulnerability: CVE-2013-5860
- Sun Patch: NSS_NSPR_JSS 3.35 Solaris: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Mainte