Details of VAR-200912-0564

ID

VAR-200912-0564

TITLE

Hitachi Multiple Storage Command Suite Products 'StartTLS' Information Disclosure Vulnerability

Trust: 0.3

sources: BID: 37445

DESCRIPTION

Multiple Hitachi Storage Command Suite Products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain communication information that may aid in further attacks. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Hitachi Products Secure LDAP Information Disclosure SECUNIA ADVISORY ID: SA37869 VERIFY ADVISORY: http://secunia.com/advisories/37869/ DESCRIPTION: A security issue has been reported in multiple Hitachi products, which can be exploited by malicious people to disclose potentially sensitive information. The security issue is caused due to the products sending plaintext LDAP data over LDAP sessions configured as secure. This can be exploited to disclose LDAP protocol data by sniffing network traffic. Please see the vendor advisory for a list of affected products. SOLUTION: Update to a fixed version. Hitachi Device Manager Software (Windows, Linux, Solaris): Update to version 6.2.0-02. Hitachi Global Link Manager Software: Update to version 6.2.0-01 when available. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-018/index.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 0.36

sources: BID: 37445 // PACKETSTORM: 84171

AFFECTED PRODUCTS

vendor:	hitachi	model:	tiered storage manager software	scope:	eq	version:	6.2-01	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software )	scope:	eq	version:	6.2-01	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software	scope:	eq	version:	6.2-00	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software )	scope:	eq	version:	6.2-00	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software	scope:	eq	version:	6.1.1-01	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software )	scope:	eq	version:	6.1.1-01	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software	scope:	eq	version:	6.1.1-00	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software )	scope:	eq	version:	6.1.1-00	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software	scope:	eq	version:	6.1-01	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software )	scope:	eq	version:	6.1-01	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software	scope:	eq	version:	6.1-00	Trust: 0.6
vendor:	hitachi	model:	tiered storage manager software )	scope:	eq	version:	6.1-00	Trust: 0.6
vendor:	hitachi	model:	replication manager software )	scope:	eq	version:	6.2-00	Trust: 0.6
vendor:	hitachi	model:	replication manager software )	scope:	eq	version:	6.1-01	Trust: 0.6
vendor:	hitachi	model:	replication manager software )	scope:	eq	version:	6.1-00	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	eq	version:	6.2-01	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	eq	version:	6.2-01	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	eq	version:	6.2-00	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	eq	version:	6.2-00	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	eq	version:	6.1.1-04	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	eq	version:	6.1.1-04	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	eq	version:	6.1.1-00	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	eq	version:	6.1.1-00	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	eq	version:	6.1-02	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	eq	version:	6.1-02	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	eq	version:	6.1-00	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	eq	version:	6.1-00	Trust: 0.6
vendor:	hitachi	model:	device manager software	scope:	ne	version:	6.2-02	Trust: 0.6
vendor:	hitachi	model:	device manager software )	scope:	ne	version:	6.2-02	Trust: 0.6
vendor:	hitachi	model:	tuning manager software	scope:	eq	version:	6.2-01	Trust: 0.3
vendor:	hitachi	model:	tuning manager software )	scope:	eq	version:	6.2-01	Trust: 0.3
vendor:	hitachi	model:	tuning manager software	scope:	eq	version:	6.2-00	Trust: 0.3
vendor:	hitachi	model:	tuning manager software )	scope:	eq	version:	6.2-00	Trust: 0.3
vendor:	hitachi	model:	tuning manager software	scope:	eq	version:	6.1-00	Trust: 0.3
vendor:	hitachi	model:	tuning manager software )	scope:	eq	version:	6.1-00	Trust: 0.3
vendor:	hitachi	model:	replication manager software	scope:	eq	version:	6.2-00	Trust: 0.3
vendor:	hitachi	model:	replication manager software	scope:	eq	version:	6.1-01	Trust: 0.3
vendor:	hitachi	model:	replication manager software	scope:	eq	version:	6.1-00	Trust: 0.3
vendor:	hitachi	model:	global link manager software	scope:	eq	version:	6.2-00	Trust: 0.3
vendor:	hitachi	model:	global link manager software	scope:	eq	version:	6.1-01	Trust: 0.3
vendor:	hitachi	model:	global link manager software	scope:	eq	version:	6.1-00	Trust: 0.3
vendor:	hitachi	model:	global link manager software	scope:	ne	version:	6.2-01	Trust: 0.3

sources: BID: 37445

THREAT TYPE

network

Trust: 0.3

sources: BID: 37445

TYPE

Design Error

Trust: 0.3

sources: BID: 37445

EXTERNAL IDS

db:	HITACHI	id:	HS09-018	Trust: 0.4
db:	BID	id:	37445	Trust: 0.3
db:	SECUNIA	id:	37869	Trust: 0.2
db:	PACKETSTORM	id:	84171	Trust: 0.1

sources: BID: 37445 // PACKETSTORM: 84171

REFERENCES

url:	http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs09-018/index.html	Trust: 0.4
url:	http://www.hds.com/products/storage-software/hitachi-device-manager.html	Trust: 0.3
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/business_solutions/	Trust: 0.1
url:	http://secunia.com/advisories/37869/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: BID: 37445 // PACKETSTORM: 84171

CREDITS

The vendor

Trust: 0.3

sources: BID: 37445

SOURCES

db:	BID	id:	37445
db:	PACKETSTORM	id:	84171

LAST UPDATE DATE

2022-05-17T22:52:15.643000+00:00

SOURCES UPDATE DATE

db:

BID

id:

37445

date:

2009-12-22T00:00:00

SOURCES RELEASE DATE

db:	BID	id:	37445	date:	2009-12-22T00:00:00
db:	PACKETSTORM	id:	84171	date:	2009-12-22T12:23:29