Boletines de Vulnerabilidades

IBM Security Bulletin: Vulnerabilities in Bash affect IBM SAN b-type Switches (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Información sobre el sistema
   
Software afectado IBM

Descripción
Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug� or “Shellshock� and two memory corruption vulnerabilities. Bash is used by IBM SAN b-type Switches. CVE(s): CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE-2014-6278 Affected product(s) and affected version(s): IBM MTM: 2499-816 IBM System

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_bash_affect_ibm_san_b_type_switches_cve_2014_6271_cve_2014_7169_cve_2014_7186_cve_2014_7187_cve_2014_6277_cve_2014_6278?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-6271 ,CVE-2014-7169 ,CVE-2014-7186 ,CVE-2014-7187 ,CVE-2014-6277 ,CVE-2014-6278 and CVE-2014-7191.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-10-15

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT