Where are you getting the bulletins/alerts from? I wouldn't have know about it if it wasn't for your posting. I have passed this on to my folks - we too have old clients going back to 5.3 and older (IRIX?)
On Wed, Feb 25, 2015 at 12:55 PM, Thomas Denier <[email protected] > wrote: > The body of the bulletin I received states that the affected platforms are > AIX, HP-UX, Linux, Solaris, and Mac. > > -----Original Message----- > From: ADSM: Dist Stor Manager [mailto:[email protected]] On Behalf Of > Zoltan Forray > Sent: Wednesday, February 25, 2015 12:12 PM > To: [email protected] > Subject: Re: [ADSM-L] Privilege escalation bug > > Does not specifically say if it includes SOLARIS (only says "*UNIX, Linux, > and OS X allows local users to gain privileges via unspecified vectors.*"). > Do I assume since it says "UNIX" SOLARIS is includes? We have some old > Domino Solaris boxes (supposed to go away some time soon....) still running > 6.1.3.... > > > > On Wed, Feb 25, 2015 at 10:56 AM, Thomas Denier < > [email protected] > > wrote: > > > I received a security bulletin from IBM yesterday regarding "Tivoli > > Storage Manager Stack-based Buffer Overflow Elevation of Privilege: > > CVE-2014-6184". The affected version/release combinations listed in > > the bulletin run from 5.4 to 6.3. We still have one Linux system with > > 5.3 client code. Can I treat the list of affected releases as an > > explicit assurance that the 5.3 client does not have the vulnerability > > discussed in the bulletin? The alternative possibility that worries me > > is that 5.4 is the oldest level IBM thought it worthwhile to check. > > > > Thomas Denier > > Thomas Jefferson University > > The information contained in this transmission contains privileged and > > confidential information. It is intended only for the use of the > > person named above. If you are not the intended recipient, you are > > hereby notified that any review, dissemination, distribution or > > duplication of this communication is strictly prohibited. If you are > > not the intended recipient, please contact the sender by reply email > > and destroy all copies of the original message. > > > > CAUTION: Intended recipients should NOT use email communication for > > emergent or urgent health care matters. > > > > > > -- > *Zoltan Forray* > TSM Software & Hardware Administrator > Hobbit / Xymon Administrator > Virginia Commonwealth University > UCC/Office of Technology Services > [email protected] - 804-828-4807 > Don't be a phishing victim - VCU and other reputable organizations will > never use email to request that you reply with your password, social > security number or confidential personal information. For more details > visit http://infosecurity.vcu.edu/phishing.html > The information contained in this transmission contains privileged and > confidential information. It is intended only for the use of the person > named above. If you are not the intended recipient, you are hereby notified > that any review, dissemination, distribution or duplication of this > communication is strictly prohibited. If you are not the intended > recipient, please contact the sender by reply email and destroy all copies > of the original message. > > CAUTION: Intended recipients should NOT use email communication for > emergent or urgent health care matters. > > -- *Zoltan Forray* TSM Software & Hardware Administrator Hobbit / Xymon Administrator Virginia Commonwealth University UCC/Office of Technology Services [email protected] - 804-828-4807 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html
