STE WILLIAMS

HPE yawns, stretches, and patches January OpenSSH bug in virtual access products

HPE customers have just been issued patches related to the lighttpd daemon and OpenSSH for remote access devices.

The vulns are in the company’s HPE Remote Device Access: Virtual Customer Access System (vCAS). vCAS is designed for IT shops to provide remote support access to customer networks.

The company has disclosed three vulnerabilities:

HPE says the bugs “could be exploited remotely resulting in unauthorized modification of information, denial of service, and disclosure of information,” so it’s lumbered into action.

There are separate patches for vCAS systems running on Oracle VirtualBox and VMware. ®

Sponsored:
Accelerated Computing and the Democratization of Supercomputing

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2016/08/31/hpe_patches_jan_openssh_bug/

Comments are closed.