High Severity

IBM Security Bulletin: Vulnerabilities in GSKit affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX Security Bulletin

Share this post:

There are multiple vulnerabilities in GSKit that affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX.

CVE(s): CVE-2018-1388, CVE-2018-1427, CVE-2018-1426, CVE-2016-0702, CVE-2018-1447

Affected product(s) and affected version(s):

AIX 5.3, 6.1, 7.1, 7.2
VIOS 2.2.x

The following fileset levels (VRMF) are vulnerable, if the respective IBM Tivoli Directory Server (ITDS) or IBM Security Directory Server (ISDS) version is installed:
For ITDS 6.2.0: Less than 6.2.0.56
For ITDS 6.3.0: Less than 6.3.0.49
For ISDS 6.3.0: Less than 6.3.1.24
For ISDS 6.3.0: Less than 6.4.0.16

Note: To find out whether the affected ITDS or ISDS filesets are installed on your systems, refer to the lslpp command found in AIX user’s guide.

Example: lslpp -L | grep -i itds

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ibm10788069
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138212
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139072
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139071
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111144
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139972

More stories

IBM Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities

Apr 25, 2019 9:02 am EDT | High Severity

IBM Security SiteProtector System has addressed the following vulnerabilities in Apache HTTP Server. CVE(s): CVE-2018-11759, CVE-2017-12613, CVE-2017-15710, CVE-2017-15715, CVE-2018-1301 Affected product(s) and affected version(s): Affected IBM Security SiteProtector System Affected Versions IBM Security SiteProtector System 3.1.1 IBM Security SiteProtector System 3.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10880665X-Force ...read more


IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in GNU C Library (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)

Apr 25, 2019 9:01 am EDT | High Severity

IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in GNU C Library. CVE(s): CVE-2017-15804, CVE-2017-15670, CVE-2015-5180 Affected product(s) and affected version(s): Product Affected Version IBM Dynamic System Analysis (DSA) Preboot 9.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870808X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133996X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133915X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/130620 ...read more


IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in xorg-x11

Apr 25, 2019 9:01 am EDT | High Severity

IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in xorg-x11. CVE(s): CVE-2015-9262, CVE-2018-14665, CVE-2018-14600, CVE-2018-14599, CVE-2018-14598 Affected product(s) and affected version(s): Product Affected Version IBM Dynamic System Analysis (DSA) Preboot 9.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10874890X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148854X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151991X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148663X-Force Database: ...read more