Piergiorgio Venuti

Updates IaaS Infrastructure – version 5.0

La nuova infrastruttura IaaS è stata rilasciata il giorno 3 Febbraio 2017!

Di seguito vengono riportate i miglioramenti e i fix inclusi nel servizio IaaS nella sua versione 5.0:

Tipo Descrizione
Miglioramento Redis è usato per il lock delle operazioni LVM.
Miglioramento Il pacchetto Ruby per RHEL/CentOS 5.x è compilato con OpenSSL 1.0.1e.
Miglioramento Erlang aggiornato alla versione 18.3.
Miglioramento Migliorata l’affidabilità del sistema e il Cloud engine.
Fix Risolto il problema in cui dopo aver modificato un disco di swap aggiunto manualmente (costruito o collegato), il disco veniva rimosso dal file fstab e non era più disponibile.
Fix Risolto il problema in cui i virtual server creati su vCloud venivano spenti dopo l’aumento dello spazio disco.
Fix Risolto il problema in cui, sotto determinate condizioni, il gruppo utente vCloud creato da GUI veniva duplicato.
Fix Risolto il problema in cui, in ambiente multi-vCenter, le statistiche non venivano collezionate per tutte le istanze vCenter.
Fix Risolto il problema con l’aggiunta di media in vCloud Director VS.
Fix Risolto il problema in cui, nella cancellazione di file nel catalogo vCloud Directory la modifica non veniva aggiornata nella console.
Fix Risolto il problema in cui la console vCloud non visualizzava la corretta dimensione delle macchina virtuali Windows.
Fix Risolto il problema in cui le password non veniva sincronizzata in vCloud Directory dopo che un amministratore modificava il profile utente nella GUI.
Fix Risolto il problema in cui era impossibile caricare un’immagine ISO con l’estensione del file in maiuscolo.
Fix Risolto il problema in cui che disabilitava le regole firewall.
Fix Risolto il problema in cui la costruzione di una macchina Windows falliva se il nome utente conteneva caratteri incompatibile con la codifica: ASCII-8BIT e UTF-8.
Fix Risolti un insieme di bug minori relativi all’integrazione VPN IPsec con vCloud Director.
Fix Risolto il problema della creazione di una macchina Windows da immagine ISO.
Fix Risolto il problema per le transazioni backup.
Fix Risolto il problema dell’autoscaling per i cluster in load balancer.

 

Condividi


RSS

Piu’ articoli…

Categorie …

Tags

RSS CSIRT

RSS Dark Reading:

RSS Full Disclosure

  • Backdoor.Win32.Zombam.gen / Information Disclosure Giugno 15, 2021
    Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ff6516c881dee555b0cd253408b64404_D.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.gen Vulnerability: Information Disclosure Description: Zombam malware listens on TCP port 80 and deploys an unsecured HTML Web UI for basic remote administration capability. Third-party attackers who can reach an infected...
  • Backdoor.Win32.VB.pld / Unauthenticated Remote Command Execution Giugno 15, 2021
    Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6ff35087d789f7aca6c0e3396984894e_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.pld Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 4000. Third-party attackers who can reach infected systems can connect to port 4000 and run commands made available […]
  • Backdoor.Win32.VB.pld / Insecure Transit Giugno 15, 2021
    Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6ff35087d789f7aca6c0e3396984894e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.pld Vulnerability: Insecure Transit Description: The malware listens on TCP port 4000 and has a chat feature "Hnadle-X Pro V1.0 Text Chat". Messages are passed in unencrypted plaintext across the network. […]
  • popo2, kernel/tun driver bufferoverflow. Giugno 15, 2021
    Posted by KJ Jung on Jun 15Linux kernel 5.4 version. latest. __tun_chr_ioctl function of ~/drivers/net/tun.c has a stack buffer overflow vulnerability. it get's arg, ifreq_len, and copy the arg(argp) to ifr(ifreq struct) and this steps are no bounds-checking. if cmd == TUNSETIFF or TUNSETQUEUE or and so on condition then it's enter copy_from_user function area.
  • Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 Giugno 14, 2021
    Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 ## Impact on Business Due to a missing authorization check in SAP Solution Manager LM-SERVICE component a remote authenticated attacker could be able to execute privileged actions in the […]
  • Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication Giugno 14, 2021
    Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication ## Impact on Business A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order to connect to the respective TCP […]
  • Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE Giugno 14, 2021
    Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE ## Impact on Business By abusing a Code Injection in SAP MII, an authenticated user with SAP XMII Developer privileges could execute code (including OS commands) on the server. […]
  • Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring Giugno 14, 2021
    Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0011: Missing authorization check in SolMan End-User Experience Monitoring ## Impact on Business Any authenticated user of the Solution Manager is able to craft/upload and execute EEM scripts on the SMDAgents affecting its Integrity, Confidentiality and Availability. ## Advisory Information - Public Release […]
  • Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring Giugno 14, 2021
    Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring ## Impact on Business The End-User Experience Monitoring (EEM) application, part of the SAP Solution Manager, is vulnerable to path traversal. As a consequence, an unauthorized attacker would be able to read sensitive […]
  • Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager Giugno 14, 2021
    Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager ## Impact on Business Unauthenticated attackers can bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator. This may impact the confidentiality of the service. ## Advisory […]

Customers

Newsletter