Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

HP Broadcom NIC firmware update


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 March 2010 - 11:02 AM

FYI...

HP Broadcom Integrated NIC firmware update...
- http://secunia.com/advisories/39003/
Release Date: 2010-03-16
Last Update: 2010-03-26
Criticality level: Highly critical
Impact: System access
Software:
Broadcom Integrated NIC Management Firmware for HP PCs 1.x
Broadcom Integrated NIC Management Firmware for HP PCs 8.x
Solution: Update to version 1.40.0.0 or 8.08 (available via softpaq SP47557).
CVE Reference(s): CVE-2010-0104
Original Advisory: HPSBGN02511 SSRT100022:
http://h20000.www2.h...ectID=c02048471
Potential Security Impact: Remote execution of arbitrary code...
... Products containing the Broadcom Integrated NIC firmware listed at the HP URL above...

- http://web.nvd.nist....d=CVE-2010-0104
Last revised: 03/19/2010 - "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors..."
CVSS v2 Base Score: 10.0 (HIGH)

:ph34r:

Edited by AplusWebMaster, 26 March 2010 - 04:15 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 March 2010 - 04:17 AM

FYI...

Broadcom NetXtreme integrated NIC firmware - update available
- http://secunia.com/advisories/39107/
Release Date: 2010-03-26
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Operating System: Broadcom NetXtreme Series
Original Advisory: US-CERT VU#512705:
http://www.kb.cert.org/vuls/id/512705

> http://www.kb.cert.o.../id/CRDY-83VKGZ
Date Updated: 2010-03-25 - "...Vendor Statement
Affected devices are only vulnerable when Secure ASF (RMCP/RSP) manageability is enabled on the platform , which may not be the typical default system configuration.
Affected devices and the latest vulnerable management firmware version are:
BCM5751, BCM5752, BCM5753, BCM5754, BCM5755, BCM5756, BCM5764, BCM5787: v8.04, BCM57760: v8.07, BCM5761: v1.24.0.9
Updated versions of management firmware for all affected devices is now available to PC OEMs as part of the Broadcom NetXtreme 14.0 software release.
Available work-arounds include: disabling the management firmware and/or Secure ASF (RSP) support and blocking UDP port 664 traffic from unauthorized sources in enterprise firewalls.
Vendor Information: The vendor has not provided us with any further information regarding this vulnerability..."

- http://www.broadcom....mine_driver.php

> http://h20000.www2.h...ectID=c02048471
"... HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code...
Broadcom Integrated NIC Firmware...
RESOLUTION: HP has made softpaq SP47557 available to resolve the vulnerability.
This softpaq is available at ftp://ftp.hp.com/pub/softpaq/sp47501-48000/sp47557.exe "

- http://web.nvd.nist....d=CVE-2010-0104
Last revised: 03/19/2010 - "Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors..."
CVSS v2 Base Score: 10.0 (HIGH)

:ph34r:

Edited by AplusWebMaster, 26 March 2010 - 09:28 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users