Hitachi Multiple JP1 Products Denial of Service - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Hitachi Multiple JP1 Products Denial of Service

Secunia Advisory:	SA19841
Release Date:	2006-04-26
Last Update:	2006-04-28

Critical:	Moderately critical
Impact:	DoS
Where:	From remote
Solution Status:	Vendor Patch

Software:	Hitachi JP1/Automatic Job Management System 2 (AJS2) Hitachi JP1/Cm2/Network Node Manager Hitachi JP1/File Access Control Hitachi JP1/Performance Management (PFM) Hitachi JP1/PFM/SNMP System Observer (SSO) Hitachi JP1/Security Integrated Manager Hitachi JP1/Server Conductor/Blade Server Manager Hitachi JP1/Server Conductor/Server Manager

CVE reference:	CVE-2006-2068 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: A vulnerability has been reported in multiple JP1 products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling certain specially crafted data or requests. This can be exploited to cause the products to stop responding. The vulnerability has been reported in the following products: * JP1/PFM/SNMP System Observer * JP1/Server System Observer * JP1/Automatic Job Management System 2 * JP1/Performance Management * Cm2/Network Node Manager Enterprise/Unlimited/250, * JP1/Cm2/Network Node Manager Enterprise/250 * JP1/Server Conductor/Blade Server Manager * JP1/Server Conductor/Server Manager * Server Conductor/Blade Server Manager * Server Conductor/Server Manager * System Manager - Management Console * JP1/File Access Control * JP1/Security Integrated Manager Solution: Apply patches (see patch matrix in the vendor advisory). Provided and/or discovered by: Reported by the vendor. Changelog: 2006-04-28: Added CVE reference. Original Advisory: http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

3 Related Secunia Security Advisories

1. Hitachi JP1/Cm2/Network Node Manager Unspecified Cross-Site Scripting

2. Hitachi JP1/Cm2/Network Node Manager Shared Trace Service Vulnerability

3. Hitachi JP1/Cm2/Network Node Manager Unspecified Vulnerabilities

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Opera Multiple Vulnerabilities

2.	vBulletin Private Message Subject Script Insertion

3.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

4.	Microsoft Office Filters Multiple Vulnerabilities

5.	Folder Lock Weak Password Encryption Security Issue

6.	rPath update for kernel and xen

7.	neon "parse_domain() " Denial of Service Vulnerability

8.	Programs Rating "id" SQL Injection Vulnerability

9.	SunShop Shopping Cart class.ajax.php SQL Injection Vulnerabilities

10.	Anzio Web Print Object (WePO) ActiveX Component "mainurl" Buffer Overflow