CVE-2017-5652 Apache Impala (incubating) Information DisclosureSeverity: HighVersions Affected:Apache Impala (incubating) 2.7.0 to 2.8.0Description:During a routine security analysis, it was found that one of the portssent data in plaintext even when the cluster was configured to useTLS. The port in question was used by the StatestoreSubscriber classwhich did not use the appropriate secure Thrift transport when TLS wasturned on. It was therefore possible for an adversary, with access tothe network, to eavesdrop on the packets going to and coming from thatport and view the data in plaintext.Mitigation:Users of the affected versions should apply the following mitigation: - Upgrade to Apache Impala (incubating) 2.9.0Credit:This issue was identified and reported responsibly by the Clouderasecurity team.References:[1] https://issues.apache.org/jira/browse/IMPALA-5253
CVE-2017-5640 Apache Impala (incubating) Information DisclosureSeverity: HighVersions Affected:Apache Impala (incubating) 2.7.0 to 2.8.0Description:It was noticed that a malicious process impersonating an Impala daemoncould cause Impala daemons to skip authentication checks when Kerberosis enabled (but TLS is not). If the malicious server responds with‘COMPLETE’ before the SASL handshake has completed, the client willconsider the handshake as completed even though no exchange ofcredentials has happened.Mitigation:Users of the affected versions should apply the following mitigation:Upgrade to Apache Impala (incubating) 2.9.0Credit:This issue was identified by the Cloudera Security team.References:https://issues.apache.org/jira/browse/IMPALA-5005
Note: the current version of the following document is available here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03755en_usSUPPORT COMMUNICATION - SECURITY BULLETINDocument ID: hpesbns03755en_usVersion: 1HPESBNS03755 rev.1 - HPE NonStop Server using Samba, Multiple Remote VulnerabilitiesNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.Release Date: 2017-06-07Last Updated: 2017-06-07Potential Security Impact: Remote: Access Restriction Bypass, Arbitrary Code ExecutionSource: Hewlett Packard Enterprise, Product Security Response TeamVULNERABILITY SUMMARYHPE NonStop Server using Samba is vulnerable to remote code execution and remote access restriction bypass.References: - CVE-2017-7494 - Remote Code Execution - CVE-2017-2619 - Remote Access Restriction BypassSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - Samba on NonStop T1201L01 through T1201L01^AAL, T1201H01 through T1201H01^AAMBACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2017-2619 5.9 CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L 5.2 (AV:L/AC:H/Au:N/C:C/I:P/A:P) CVE-2017-7494 7.5 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499RESOLUTIONThere are no patches available at this time for these vulnerabilities.Hewlett Packard Enterprise will provide fixes in Samba SPRs T1201L01^AAO and T1201H01^AAN.Customers can apply the following workarounds for each vulnerability inSamba:Workaround for CVE-2017-7494: + Add the parameter: `nt pipe support = no` to the smb.conf [global] section + Restart the Samba daemon (smbd).Workaround for CVE-2017-2619: + Add the parameter: `unix extensions = no` to the smb.conf [global] section + Restart the Samba daemon (smbd).See NonStop Hotstuff HS03357 for additional information. **Note**: For further assistance please contact NonStop technical support.HISTORYVersion:1 (rev.1) - 8 June 2017 Initial releaseThird Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.Report: To report a potential security vulnerability for any HPE supportedproduct: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.comSubscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_ChoiceSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_ArchiveSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB.3C = 3COM3P = 3rd Party SoftwareGN = HPE General SoftwareHF = HPE Hardware and FirmwareMU = Multi-Platform SoftwareNS = NonStop ServersOV = OpenVMSPV = ProCurveST = Storage SoftwareUX = HP-UXCopyright 2016 Hewlett Packard EnterpriseHewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Note: the current version of the following document is available here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_usSUPPORT COMMUNICATION - SECURITY BULLETINDocument ID: hpesbhf03745en_usVersion: 2HPESBHF03745 rev.2 - HPE Intelligent Management Center (iMC) PLAT, Remote Code ExecutionNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.Release Date: 2017-06-27Last Updated: 2017-06-26Potential Security Impact: Remote: Code ExecutionSource: Hewlett Packard Enterprise, Product Security Response TeamVULNERABILITY SUMMARYPotential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code.References: - CVE-2017-5816 - CVE-2017-5817 - CVE-2017-5818 - CVE-2017-5819 - CVE-2017-8948 - ZDI-CAN-4368SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - HP Intelligent Management Center (iMC) All version prior to IMC PLAT 7.3E0504P04 - Please refer to the RESOLUTION below for a list of impacted products.BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2017-5816 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2017-5817 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2017-5818 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) CVE-2017-5819 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2017-8948 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499Hewlett Packard Enterprise thanks sztivi for working with Trend Micro's Zero Day Initiative (ZDI) for reporting these vulnerabilities to security-alert@hpe.comRESOLUTIONHPE has made the following software update available to resolve the vulnerabilities in the iMC PLAT network products listed. + **iMC PLAT - Version: Fixed in IMC PLAT 7.3 E0504P04** * HP Network Products - JD125A HP IMC Std S/W Platform w/100-node - JD126A HP IMC Ent S/W Platform w/100-node - JD808A HP IMC Ent Platform w/100-node License - JD814A HP A-IMC Enterprise Edition Software DVD Media - JD815A HP IMC Std Platform w/100-node License - JD816A HP A-IMC Standard Edition Software DVD Media - JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU - JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU - JF377A HP IMC Std S/W Platform w/100-node Lic - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU - JF378A HP IMC Ent S/W Platform w/200-node Lic - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU - JG550AAE HPE PCM+ Mobility Manager to IMC Basic WLAN Platform Upgrade 50-node and 150-AP E-LTU - JG590AAE HPE IMC Basic WLAN Manager Software Platform 50 Access Point E-LTU - JG660AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU - JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU - JG767AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU - JG768AAE HPE PCM+ to IMC Standard Software Platform Upgrade with 200-node E-LTU**Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates.HISTORYVersion:1 (rev.1) - 11 May 2017 Initial releaseVersion:2 (rev.2) - 26 June 2017 Adding ZDI-CAN-4368 to Security Bulletin.Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.Report: To report a potential security vulnerability for any HPE supportedproduct: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.comSubscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_ChoiceSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_ArchiveSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB.3C = 3COM3P = 3rd Party SoftwareGN = HPE General SoftwareHF = HPE Hardware and FirmwareMU = Multi-Platform SoftwareNS = NonStop ServersOV = OpenVMSPV = ProCurveST = Storage SoftwareUX = HP-UXCopyright 2016 Hewlett Packard EnterpriseHewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Note: the current version of the following document is available here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03762en_usSUPPORT COMMUNICATION - SECURITY BULLETINDocument ID: hpesbgn03762en_usVersion: 1HPESBGN03762 rev.1 - HPE Network Node Manager i (NNMi) Software, Remote Bypass Security Restrictions, Cross-Site Scripting (XSS), URL RedirectionNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.Release Date: 2017-06-29Last Updated: 2017-06-29Potential Security Impact: Remote: Bypass Security Restrictions, Cross-Site Scripting (XSS), URL RedirectionSource: Hewlett Packard Enterprise, Product Security Response TeamVULNERABILITY SUMMARYPotential security vulnerabilities have been identified in HPE Network Node Manager i. The vulnerabilities could be remotely exploited to allow bypass security restrictions, cross-site scripting (XSS), and/or URL redirection.References: - CVE-2017-8948 - remote bypass security restrictions, XSS, URL redirectionSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - HPE Network Node Manager I (NNMi) Software - v10.0x, v10.1x, v10.2xBACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2017-8948 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499Hewlett Packard Enterprise thanks Calum Hutton for reporting this issue to security-alert@hpe.comRESOLUTIONHPE has made the following software updates and mitigation information to resolve the vulnerability in HPE Network Node Manager i:Customers using v9.X must upgrade to v10.x and then install the patch below.Patches are available to address the vulnerabilities:For v10.0x: Network Node Manager i 10.00 Patch 5- - Linux:<https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets
arch/document/KM02802952>- - Windows:<https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets
arch/document/KM02802940>For v10.1x: Network Node Manager i 10.10 Patch 4- - Linux:<https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets
arch/document/KM02802972>- - Windows:<https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets
arch/document/KM02803000>For v10.2x: Network Node Manager i 10.20 Patch 3- - Linux:<https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets
arch/document/KM02802932>- - Windows:<https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets
arch/document/KM02802964>HISTORYVersion:1 (rev.1) - 29 June 2017 Initial releaseThird Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.Report: To report a potential security vulnerability for any HPE supportedproduct: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.comSubscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_ChoiceSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_ArchiveSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB.3C = 3COM3P = 3rd Party SoftwareGN = HPE General SoftwareHF = HPE Hardware and FirmwareMU = Multi-Platform SoftwareNS = NonStop ServersOV = OpenVMSPV = ProCurveST = Storage SoftwareUX = HP-UXCopyright 2016 Hewlett Packard EnterpriseHewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
