Hitachi JP1/HIBUN Advanced Edition Multiple Unspecified Local Information Disclosure Vulnerabilities

Bugtraq ID:	30475
Class:	Unknown
CVE:
Remote:	No
Local:	Yes
Published:	May 23 2008 12:00AM
Updated:	Jul 31 2008 10:37PM
Credit:	The vendor disclosed these issues.
Vulnerable:	Hitachi JP1/Hibun Advanced Edition Information Fortress Hitachi JP1/Hibun Advanced Edition Information Cypher
Not Vulnerable:

Hitachi JP1/HIBUN Advanced Edition Multiple Unspecified Local Information Disclosure Vulnerabilities

Hitachi JP1/HIBUN Advanced Edition is prone to multiple information-disclosure vulnerabilities that affect encryption, decryption, and data-reproduction functions.

An unprivileged local attacker may exploit these issues to obtain sensitive information.

These issues affect the following applications:

JP1/HIBUN Advanced Edition Information Cypher
JP1/HIBUN Advanced Edition Information Fortress

The following versions are vulnerable:

07-80 to 07-80-/E
07-80-SA to 07-80-SF
08-01

Hitachi JP1/HIBUN Advanced Edition Multiple Unspecified Local Information Disclosure Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Hitachi JP1/HIBUN Advanced Edition Multiple Unspecified Local Information Disclosure Vulnerabilities

Solution:
The vendor has released an advisory and fixes. Please see the references for more information.

Hitachi JP1/HIBUN Advanced Edition Multiple Unspecified Local Information Disclosure Vulnerabilities

References:

• Hibun Homepage (Hitachi)
  
• JVNDB-2008-001150 JP1/HIBUN Encyption/Decryption and Removable Media Control Mal (JVN)
  
• HS08-005 Problem in JP1/HIBUN Encryption, Decryption, and Data Reproduction Func (Hitachi)