The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Data ONTAP 7-Mode

vulnerability announce CVE-2019-1549

OpenSSL: information disclosure via Fork Protection Low Random

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Fork Protection Low Random of OpenSSL, in order to obtain sensitive information.
Impacted products: Debian, Data ONTAP 7-Mode, OpenSSL, VirtualBox.
Severity: 1/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 11/09/2019.
Identifiers: CERTFR-2019-AVI-444, cpuoct2019, CVE-2019-1549, DSA-4539-1, DSA-4539-2, DSA-4539-3, NTAP-20190919-0002, VIGILANCE-VUL-30292.

Description of the vulnerability

An attacker can bypass access restrictions to data via Fork Protection Low Random of OpenSSL, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-5502

Data ONTAP 7-Mode: information disclosure via Insecure SMB Cryptography

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Insecure SMB Cryptography of Data ONTAP 7-Mode, in order to obtain sensitive information.
Impacted products: Data ONTAP 7-Mode.
Severity: 2/4.
Consequences: data reading.
Provenance: LAN.
Creation date: 05/08/2019.
Identifiers: CVE-2019-5502, NTAP-20190802-0002, VIGILANCE-VUL-29946.

Description of the vulnerability

An attacker can bypass access restrictions to data via Insecure SMB Cryptography of Data ONTAP 7-Mode, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-5493

Data ONTAP 7-Mode: information disclosure via Non-default Options

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Non-default Options of Data ONTAP 7-Mode, in order to obtain sensitive information.
Impacted products: Data ONTAP 7-Mode.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 02/08/2019.
Identifiers: CVE-2019-5493, NTAP-20190801-0002, VIGILANCE-VUL-29936.

Description of the vulnerability

An attacker can bypass access restrictions to data via Non-default Options of Data ONTAP 7-Mode, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-5501

Data ONTAP 7-Mode: information disclosure via LDAP Account

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via LDAP Account of Data ONTAP 7-Mode, in order to obtain sensitive information.
Impacted products: Data ONTAP 7-Mode.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 02/08/2019.
Identifiers: CVE-2019-5501, NTAP-20190801-0001, VIGILANCE-VUL-29935.

Description of the vulnerability

An attacker can bypass access restrictions to data via LDAP Account of Data ONTAP 7-Mode, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-8460

OpenBSD: denial of service via TCP SACK Holes Chains

Synthesis of the vulnerability

An attacker can trigger a fatal error via TCP SACK Holes Chains of OpenBSD, in order to trigger a denial of service.
Impacted products: Data ONTAP 7-Mode, OpenBSD.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 25/07/2019.
Identifiers: CVE-2019-8460, NTAP-20190905-0001, VIGILANCE-VUL-29880.

Description of the vulnerability

An attacker can trigger a fatal error via TCP SACK Holes Chains of OpenBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2019-8936

NTP.org: NULL pointer dereference via Authenticated Mode 6

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via Authenticated Mode 6 of NTP.org, in order to trigger a denial of service.
Impacted products: Fedora, FreeBSD, AIX, Meinberg NTP Server, Data ONTAP 7-Mode, NTP.org, openSUSE Leap, Solaris, pfSense, RSA Authentication Manager, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 08/03/2019.
Identifiers: 3565, bulletinapr2019, CVE-2019-8936, DSA-2019-093, FEDORA-2019-694e3aa4e8, FEDORA-2019-f781d5c4c6, FreeBSD-SA-19:04.ntp, NTAP-20190503-0001, openSUSE-SU-2019:1143-1, openSUSE-SU-2019:1158-1, SSA:2019-067-01, SUSE-SU-2019:0775-1, SUSE-SU-2019:0777-1, SUSE-SU-2019:0789-1, SUSE-SU-2019:13991-1, SUSE-SU-2019:14004-1, VIGILANCE-VUL-28701.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via Authenticated Mode 6 of NTP.org, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-18605 CVE-2018-18606 CVE-2018-18607

GNU Binutils: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of GNU Binutils.
Impacted products: Data ONTAP 7-Mode, SIMATIC, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 3.
Creation date: 08/03/2019.
Identifiers: CVE-2018-18605, CVE-2018-18606, CVE-2018-18607, NTAP-20190307-0003, SSB-439005, SUSE-SU-2019:2650-1, VIGILANCE-VUL-28696.

Description of the vulnerability

An attacker can use several vulnerabilities of GNU Binutils.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-5496

NetApp Data ONTAP: information disclosure via Volume Space Usage

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Volume Space Usage of NetApp Data ONTAP, in order to obtain sensitive information.
Impacted products: Data ONTAP 7-Mode.
Severity: 1/4.
Consequences: data reading.
Provenance: user account.
Creation date: 05/12/2018.
Identifiers: CVE-2018-5496, NTAP-20181204-0001, VIGILANCE-VUL-27951.

Description of the vulnerability

An attacker can bypass access restrictions to data via Volume Space Usage of NetApp Data ONTAP, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-18065

Net-SNMP: denial of service via GetNext PDU Multiple Varbinds

Synthesis of the vulnerability

An attacker can generate a fatal error via GetNext PDU Multiple Varbinds of Net-SNMP, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Data ONTAP 7-Mode, Net-SNMP, openSUSE Leap, Solaris, Palo Alto Firewall PA***, PAN-OS, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: user account.
Creation date: 09/10/2018.
Identifiers: bulletinoct2018, CVE-2018-18065, DLA-1540-1, DSA-4314-1, FEDORA-2018-042156f164, NTAP-20181107-0001, openSUSE-SU-2018:3381-1, openSUSE-SU-2018:3508-1, PAN-SA-2019-0007, SUSE-SU-2018:3319-1, SUSE-SU-2018:3333-1, SUSE-SU-2018:3447-1, USN-3792-1, USN-3792-2, USN-3792-3, VIGILANCE-VUL-27441.

Description of the vulnerability

An attacker can generate a fatal error via GetNext PDU Multiple Varbinds of Net-SNMP, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-18066

Net-SNMP: denial of service via Incompletely Parsed Varbinds

Synthesis of the vulnerability

An attacker can generate a fatal error via Incompletely Parsed Varbinds of Net-SNMP, in order to trigger a denial of service.
Impacted products: Fedora, Data ONTAP 7-Mode, Net-SNMP.
Severity: 3/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 09/10/2018.
Identifiers: CVE-2018-18066, FEDORA-2018-042156f164, NTAP-20181107-0001, VIGILANCE-VUL-27440.

Description of the vulnerability

An attacker can generate a fatal error via Incompletely Parsed Varbinds of Net-SNMP, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Data ONTAP 7-Mode: