TITLE: Hitachi Multiple JP1 Products Denial of Service SECUNIA ADVISORY ID: SA19841 VERIFY ADVISORY: http://secunia.com/advisories/19841/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: Hitachi JP1/Server Conductor/Server Manager http://secunia.com/product/9572/ Hitachi JP1/Server Conductor/Blade Server Manager http://secunia.com/product/9571/ Hitachi JP1/Security Integrated Manager http://secunia.com/product/9574/ Hitachi JP1/PFM/SNMP System Observer (SSO) http://secunia.com/product/9566/ Hitachi JP1/Performance Management (PFM) http://secunia.com/product/9568/ Hitachi JP1/File Access Control http://secunia.com/product/9573/ Hitachi JP1/Cm2/Network Node Manager http://secunia.com/product/9570/ Hitachi JP1/Automatic Job Management System 2 (AJS2) http://secunia.com/product/9567/ DESCRIPTION: A vulnerability has been reported in multiple JP1 products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling certain specially crafted data or requests. This can be exploited to cause the products to stop responding. The vulnerability has been reported in the following products: * JP1/PFM/SNMP System Observer * JP1/Server System Observer * JP1/Automatic Job Management System 2 * JP1/Performance Management * Cm2/Network Node Manager Enterprise/Unlimited/250, * JP1/Cm2/Network Node Manager Enterprise/250 * JP1/Server Conductor/Blade Server Manager * JP1/Server Conductor/Server Manager * Server Conductor/Blade Server Manager * Server Conductor/Server Manager * System Manager - Management Console * JP1/File Access Control * JP1/Security Integrated Manager SOLUTION: Apply patches (see patch matrix in the vendor advisory). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------