Dell patches virtual storage software against OpenSSL, Apache bugs

By

Text4Shell among the bug-fixes.

Dell has been moved to patch vulnerabilities inherited from Apache and OpenSSL.

Dell patches virtual storage software against OpenSSL, Apache bugs

The fixes are for the Dell Virtual Storage Integrator for VMware vSphere client and are outlined in this advisory.

The Apache fix is for the Text4Shell vulnerability, CVE-2022-42889, revealed in mid-October. 

In some cases, the CVE advisory explained, Apache Commons versions 1.5 to 1.9 use a Java text manipulation library that can be attacked to gain access to the underlying host.

The OpenSSL bugs, CVE-2022-3602 and CVE-2022-3786, are buffer overruns in how the encryption library handles X.509 certificates and were disclosed and patched earlier this month.

Dell has also updated two older advisories covering its EMC VxRail software.

In one, fixes have been added for a number of VxM SUSE Linux bugs; and in the other, a number of CVEs have been added to the advisory.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Eagers Automotive finds unauthorised access to parts of IT systems

Eagers Automotive finds unauthorised access to parts of IT systems

Hackers hit Victoria's court recording database

Hackers hit Victoria's court recording database

St Vincent's Health Australia warns cyber attack forensics could "take some time"

St Vincent's Health Australia warns cyber attack forensics could "take some time"

Yakult Australia confirms cyber incident

Yakult Australia confirms cyber incident

Log In

  |  Forgot your password?