Date: 15 May 2012
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2012.0072
Multiple vulnerabilities have been identified in Hitachi IT
Operations Director
15 May 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Hitachi IT Operations Director
Operating System: Windows
Impact/Access: Cross-site Scripting -- Remote with User Interaction
Denial of Service -- Unknown/Unspecified
Resolution: Patch/Upgrade
Member content until: Thursday, June 14 2012
OVERVIEW
Multiple vulnerabilities have been identified in Hitachi IT Operations
Director for Windows versions 02-50-01 through to 02-50-07 and 03-00
through to 03-00-07.
IMPACT
The vendor has provided the following details regarding these
vulnerabilities which have been assigned Vulnerability ID HS12-014:
"Multiple vulnerabilities were found in Hitachi IT Operations Director.
* A cross-site scripting vulnerability
* A vulnerability to denial-of-service attacks" [1]
MITIGATION
The vendor recommends upgrading to the latest versions of these
products to correct this issue. [1]
REFERENCES
[1] Multiple vulnerabilities in Hitachi IT Operations Director
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-014/index.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBT7Gveu4yVqjM2NGpAQJiZhAAmswn6OjJlRNOhrKCTTzJQNPm2n0NKKm7
03pQddCTAfCurHXFFiDUh1/95vd6BWPK6tDKiMOHZrdzu7Po/oELKE9PtuWsOGz/
Q28/sL5tkUQC2poDiyaKP/PPleF84JvHzOV/uPNx37rGwZiqokDpm5fkCzVEcfJP
j5X1+MBEgwaG17oRYXwitBIF/c0d6tDqEqKipxUS8drvQsh4+FAfB7KU6UiAXF30
lFBdnhvxYKmDc1wnIooSfwsoVYSJS5L5M39J7P8B+E8VWbW9AuhbIN8tvFjonICK
SdSsyyx0L/GGwr7SJrcUxsJ3OF9PS022iLlMm7eXu1RIcq2MuvkzNWEW1sjO65Rp
eEkATrkHBdjPfE6m+XGidiBnoZlUlP5SVaMvHpm35MwbF+qz/Wg0eJvSfILQstPF
q3NyFB6T7PprZtTlkx7CpmrNkcrKOE1vVs0ktfYn8triWuorAnKqkNaxuXK14zv3
kJN0yyL4UPwlDLOJ05/718Qv910ATzwdmqgQ7LKQoQm4g0LzQvFoZE1oEwnmRZWZ
EcDh41hlG6d5oAgcMxwOO/xKqKMg+P9e1yAKwVd6VsFdLXuU/vqnv+JClBAjRHcL
ohSMjnOeSmwiYLAAj+3jgljPtnyW4Plj71JGQGddsr+zMUy1WFy4Tl9KbX3ldUZw
XZTkuYHdioY=
=+hFz
-----END PGP SIGNATURE-----
|