Home Unlabelled IBM Security Bulletin: Multiple vulnerabilities with the Nginx web server used in IBM Aspera Shares 1.9.2 and earlier

IBM Security Bulletin: Multiple vulnerabilities with the Nginx web server used in IBM Aspera Shares 1.9.2 and earlier

By
Monday, October 24, 2016
Read
Add Comment

IBM Aspera Shares Application uses Nginx as its web server. A number of vulnerabilities were discovered with earlier versions of Nginx that can cause denial of service application crashes.

CVE(s): CVE-2016-0742, CVE-2016-0746, CVE-2016-0747, CVE-2016-4450

Affected product(s) and affected version(s):

IBM Aspera Shares Application 1.9.2 or earlier

Remediation/Fixes
Upgrade to IBM Aspera Shares Application 1.9.4 or later for Linux or 1.9.6 or later for Windows from the Aspera downloads site.

For unsupported versions of the IBM Aspera Shares Application, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2eD2fHE -earlier
X-Force Database: http://ift.tt/2dv8i3T
X-Force Database: http://ift.tt/2dNqtgj
X-Force Database: http://ift.tt/2dv93tu
X-Force Database: http://ift.tt/29OEayj



from IBM Product Security Incident Response Team http://ift.tt/2eD2ym1
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us