Hitachi Software Division Software Vulnerability Information RSS Feed
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/index.html
Hitachi Software Division Software Vulnerability InformationHitachi, Ltd.All Rights Reserved. Copyright (C) 2007, 2009, Hitachi, Ltd.soft-security@itg.hitachi.co.jp2009-12-22T00:00+09:002007-01-24T00:00+09:002009-12-22T00:00+09:00The StartTLS function is not enabled in Hitachi Storage Command Suite products
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-018/index.html
If a Hitachi Storage Command Suite product uses an LDAP directory server as an external authentication server, the StartTLS function might not be enabled even if the connection protocol is set to use StartTLS.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-018-e2009-12-22T00:00+09:002009-12-22T00:00+09:002009-12-22T00:00+09:00DoS Vulnerability in Cosminexus XML Processor
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-017/index.html
A vulnerability to Denial of Service (DoS) attacks was found in Cosminexus XML Processor. Malicious remote users might exploit this vulnerability to disrupt services.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-017-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-26252009-11-04T00:00+09:002009-11-04T00:00+09:002009-11-04T00:00+09:00Problem where JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer abnormally terminate when an invalid GIF file is displayed
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-016/index.html
There is a problem where JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer abnormally terminate when an invalid GIF file is displayed.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-016-e2009-09-09T00:00+09:002009-09-09T00:00+09:002009-09-09T00:00+09:00Multiple vulnerabilities in JP1/File Transmission Server/FTP
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-015/index.html
Multiple vulnerabilities exist in JP1/File Transmission Server/FTP.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-015-e2009-09-09T00:00+09:002009-09-09T00:00+09:002009-09-09T00:00+09:00Buffer overflow vulnerability in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-014/index.html
A buffer overflow vulnerability exists in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java, when Java applications process GIF files.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-014-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-10982009-12-22T00:00+09:002009-09-09T00:00+09:002009-12-22T00:00+09:00Problem where access rights become invalid in Hitachi Device Manager server IPv6 environments
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-013/index.html
In an IPv6 environment, a client, whose access is normally limited, is sometimes granted access to Hitachi Device Manager server.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-013-e2009-11-04T00:00+09:002009-09-09T00:00+09:002009-11-04T00:00+09:00Problem where access rights become invalid in Groupmax Scheduler Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-012/index.html
There is a problem in Groupmax Scheduler Server where the access rights become invalid.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-012-e2009-09-09T00:00+09:002009-09-09T00:00+09:002009-09-09T00:00+09:00Cross-site Scripting Vulnerability in Hitachi Business Logic - Container and Hitachi Business Logic - Container 2
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-011/index.html
A cross-site scripting vulnerability was found in Hitachi Business Logic - Container and Hitachi Business Logic - Container 2.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-011-e2009-07-24T00:00+09:002009-07-24T00:00+09:002009-07-24T00:00+09:00Vulnerability in the Hitachi Web Server Function for Authenticating SSL Clients
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-010/index.html
When Hitachi Web Server receives a request that uses an invalid client certificate, an invalid environment parameter might be set, and a malicious user can impersonate another user.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-010-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-05552009-07-24T00:00+09:002009-07-24T00:00+09:002009-07-24T00:00+09:00DoS Vulnerability in Hitachi Web Server reverse proxy function
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-009/index.html
When Hitachi Web Server uses the reverse proxy function, the amount of used memory might increase because of illegal responses continuously received from the back-end web server.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-009-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-23642009-09-09T00:00+09:002009-07-24T00:00+09:002009-09-09T00:00+09:00Vulnerability in reading arbitrary memory locations by using a parsing zip file API in Cosminexus, Processing Kit for XML, Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-008/index.html
A vulnerability in reading arbitrary memory locations was found in Cosminexus, Processing Kit for XML, Hitachi Developer's Kit for Java with parsing zip file API.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-008-ehttp://www.us-cert.gov/cas/techalerts/TA08-340A.html2009-11-04T00:00+09:002009-07-24T00:00+09:002009-11-04T00:00+09:00Vulnerability in the UTF-8 decode function in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-007/index.html
A vulnerability in the UTF-8 decode function was found in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-007-ehttp://www.us-cert.gov/cas/techalerts/TA08-340A.html2009-11-04T00:00+09:002009-07-24T00:00+09:002009-11-04T00:00+09:00Vulnerability in Elevating Privileges for the JP1/VERITAS NetBackup Communications Setup
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-006/index.html
A vulnerability in elevating privileges exists for the JP1/VERITAS NetBackup Communications Setup(SYM09-002).Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-006-ehttp://www.symantec.com/avcenter/security/Content/2009.02.17.html2009-06-04T00:00+09:002009-06-04T00:00+09:002009-06-04T00:00+09:00Cross-site Scripting Vulnerability When Using the Status Information Display Function in Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-016/index.html
A cross-site scripting vulnerability was found in the status information display function.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS08-016-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-63882009-06-04T00:00+09:002008-07-11T00:00+09:002009-06-04T00:00+09:00Cross-Site Scripting Vulnerability in the Hitachi Web Server Error Page
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-004/index.html
A cross-site scripting vulnerability was found in Hitachi Web Server.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS08-004-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-62032009-06-04T00:00+09:002008-05-23T00:00+09:002009-06-04T00:00+09:00Cross-Site Scripting Vulnerability in the Hitachi Web Server Imagemap Function
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-042/index.html
Using the imagemap function of Hitachi Web Server can cause a vulnerability to cross-site scripting.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS07-042-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-50002009-06-04T00:00+09:002007-12-13T00:00+09:002009-06-04T00:00+09:00Vulnerability When Using a Reverse Proxy Function of Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-039/index.html
When a reverse proxy function of Hitachi Web Server receives an invalid response from a remote backend server, Hitachi Web Server processes might stop abnormally.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS07-039-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-38472009-06-04T00:00+09:002007-11-30T00:00+09:002009-06-04T00:00+09:00Cross-Site Scripting Vulnerability in Hitachi Web Server Function for Creating Server-Status Pages
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-035/index.html
A cross-site scripting vulnerability was found in Hitachi Web Server. Malicious remote users can exploit this vulnerability to insert malicious scripts into a server-status page of Hitachi Web Server, and then execute them on the client.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS07-035-ehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-57522009-06-04T00:00+09:002007-10-31T00:00+09:002009-06-04T00:00+09:00Vulnerability in Hitachi Web Server Function for Authenticating SSL Clients
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-034/index.html
Hitachi Web Server might verify a forged signature in an SSL client certificate.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS07-034-ehttp://www.kb.cert.org/vuls/id/845620http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-43392009-06-04T00:00+09:002007-10-31T00:00+09:002009-06-04T00:00+09:00Multiple Vulnerabilities in uCosminexus Portal Framework
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-005/index.html
Multiple vulnerabilities were found in uCosminexus Portal Framework.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-005-e2009-03-31T00:00+09:002009-03-31T00:00+09:002009-03-31T00:00+09:00DoS vulnerability in JP1/Cm2/Network Node Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-004/index.html
A vulnerability to Denial of Service (DoS) attacks was found in JP1/Cm2/Network Node Manager's (abbreviated hereafter to NNM) Shared Trace Service.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-004-e2009-03-31T00:00+09:002009-03-31T00:00+09:002009-03-31T00:00+09:00Access Control Vulnerabilities When Using Groupmax World Wide Web Desktop Version 6 in a Load Balancing Environment
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-003/index.html
Access control vulnerabilities were found when using Groupmax World Wide Web Desktop Version 6 in a load balancing environment.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-003-e2009-03-31T00:00+09:002009-03-31T00:00+09:002009-03-31T00:00+09:00Vulnerabilities in Microsoft GDI+ (MS08-052) in JP1/VERITAS Backup Exec for Windows Servers
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-002/index.html
The vunerabilities described in "Vulnerabilities in GDI+ Could Allow Remote Code Execution" relate to Microsoft SQL Server 2005 Express Edition, which JP1/VERITAS Backup Exec for Windows Servers uses.Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-002-ehttp://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx2009-03-31T00:00+09:002009-03-31T00:00+09:002009-03-31T00:00+09:00JP1/VERITAS Backup Exec Authentication Bypass and Buffer Overflow Vulnerabilities
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-001/index.html
Authentication bypass and buffer overflow vulnerabilities were found in JP1/VERITAS Backup Exec for Windows Servers (SYM08-021).Hitachi, Ltd.soft-security@itg.hitachi.co.jpHS09-001-ehttp://securityresponse.symantec.com/avcenter/security/Content/2008.11.19.html2009-03-31T00:00+09:002009-03-31T00:00+09:002009-03-31T00:00+09:00