ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability

--_002_1BF8853173D9704A93EF882F85952A891CF363MX304CL04corpemcc_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable



--_002_1BF8853173D9704A93EF882F85952A891CF363MX304CL04corpemcc_
Content-Type: text/plain; name="ESA-2016-161.txt"
Content-Description: ESA-2016-161.txt
Content-Disposition: attachment; filename="ESA-2016-161.txt"; size=3585;
	creation-date="Thu, 05 Jan 2017 13:46:42 GMT";
	modification-date="Wed, 18 Jan 2017 15:25:06 GMT"
Content-Transfer-Encoding: base64

LS0tLUJFR0lOIFBHUCBTSUdORUQgTUVTU0FHRS0tLS0tDQpIYXNoOiBTSEEyNTYNCg0KRVNBLTIw
MTYtMTYxOiBFTUMgSXNpbG9uIE9uZUZTIExEQVAgSW5qZWN0aW9uIFZ1bG5lcmFiaWxpdHkgDQoN
CkVNQyBJZGVudGlmaWVyOiBFU0EtMjAxNi0xNjEgDQoNCkNWRSBJZGVudGlmaWVyOiAgQ1ZFLTIw
MTYtOTg3MA0KDQpTZXZlcml0eSBSYXRpbmc6IENWU1MgdjMgQmFzZSBTY29yZTogNi4wIChBVjpM
L0FDOkwvUFI6SC9VSTpOL1M6VS9DOkgvSTpIL0E6TikNCg0KQWZmZWN0ZWQgcHJvZHVjdHM6ICAN
CpUJRU1DIElzaWxvbiBPbmVGUyA4LjAuMC4wDQqVCUVNQyBJc2lsb24gT25lRlMgNy4yLjEuMCAt
IDcuMi4xLjINCpUJRU1DIElzaWxvbiBPbmVGUyA3LjIuMC54DQqVCUVNQyBJc2lsb24gT25lRlMg
Ny4xLjEuMCAtIDcuMS4xLjEwDQqVCUVNQyBJc2lsb24gT25lRlMgNy4xLjAueA0KDQpTdW1tYXJ5
OiAgDQpFTUMgSXNpbG9uIE9uZUZTIGlzIGFmZmVjdGVkIGJ5IGFuIExEQVAgaW5qZWN0aW9uIHZ1
bG5lcmFiaWxpdHkgdGhhdCBjb3VsZCBwb3RlbnRpYWxseSBiZSBleHBsb2l0ZWQgYnkgYSBtYWxp
Y2lvdXMgdXNlciB0byBjb21wcm9taXNlIHRoZSBzeXN0ZW0uDQoNCkRldGFpbHM6IA0KQSBtYWxp
Y2lvdXMgaGlnaC1wcml2aWxlZ2VkIGxvY2FsIHVzZXIgbWF5IGxldmVyYWdlIHRoZSBMREFQIGlu
amVjdGlvbiB2dWxuZXJhYmlsaXR5IGJ5IGluamVjdGluZyBhbiBhc3RlcmlzayBpbnRvIGEgdXNl
cm5hbWUgaW4gTERBUCBzZWFyY2hlcywgd2hpY2ggbWF5IGVuYWJsZSB0aGUgYXR0YWNrZXIgdG8g
aW1wZXJzb25hdGUgb3RoZXIgdXNlcnMgb24gdGhlIHN5c3RlbS4NCg0KUmVzb2x1dGlvbjogIA0K
VGhlIGZvbGxvd2luZyB2ZXJzaW9ucyBvZiBFTUMgSXNpbG9uIE9uZUZTIHJlbWVkaWF0ZSB0aGlz
IHZ1bG5lcmFiaWxpdHk6ICAgDQqVCUVNQyBJc2lsb24gT25lRlMgOC4wLjAuMSBhbmQgbGF0ZXIN
CpUJRU1DIElzaWxvbiBPbmVGUyA3LjIuMS4zIGFuZCBsYXRlcg0KlQlFTUMgSXNpbG9uIE9uZUZT
IDcuMS4xLjExIGFuZCBsYXRlcg0KRU1DIHJlY29tbWVuZHMgdGhhdCBhbGwgY3VzdG9tZXJzIHVw
Z3JhZGUgdG8gYSB2ZXJzaW9uIGNvbnRhaW5pbmcgdGhlIHJlc29sdXRpb24gYXQgdGhlIGVhcmxp
ZXN0IG9wcG9ydHVuaXR5LiBJZiB5b3UgY2Fubm90IHVwZ3JhZGUgYXQgdGhpcyB0aW1lLCB5b3Ug
Y2FuIHBlcmZvcm0gdGhlIHdvcmthcm91bmQgYmVsb3cuDQpXb3JrYXJvdW5kOg0KRG8gbm90IGFs
bG93IGFzdGVyaXNrcyBpbiB1c2VyIG5hbWVzLiANCg0KTGluayB0byByZW1lZGllczoNClJlZ2lz
dGVyZWQgRU1DIE9ubGluZSBTdXBwb3J0IGN1c3RvbWVycyBjYW4gZG93bmxvYWQgT25lRlMgaW5z
dGFsbGF0aW9uIGZpbGVzIGZyb20gdGhlIERvd25sb2FkcyBmb3IgSXNpbG9uIE9uZUZTIHBhZ2Ug
b2YgdGhlIEVNQyBPbmxpbmUgU3VwcG9ydCBzaXRlIGF0IGh0dHBzOi8vc3VwcG9ydC5lbWMuY29t
L2Rvd25sb2Fkcy8xNTIwOV9Jc2lsb24tT25lRlMuIA0KDQpJZiB5b3UgaGF2ZSBhbnkgcXVlc3Rp
b25zLCBwbGVhc2UgY29udGFjdCBFTUMgU3VwcG9ydC4NCg0KDQpSZWFkIGFuZCB1c2UgdGhlIGlu
Zm9ybWF0aW9uIGluIHRoaXMgRU1DIFNlY3VyaXR5IEFkdmlzb3J5IHRvIGFzc2lzdCBpbiBhdm9p
ZGluZyBhbnkgc2l0dWF0aW9uIHRoYXQgbWlnaHQgYXJpc2UgZnJvbSB0aGUgcHJvYmxlbXMgZGVz
Y3JpYmVkIGhlcmVpbi4gSWYgeW91IGhhdmUgYW55IHF1ZXN0aW9ucyByZWdhcmRpbmcgdGhpcyBw
cm9kdWN0IGFsZXJ0LCBjb250YWN0IEVNQyBTb2Z0d2FyZSBUZWNobmljYWwgU3VwcG9ydCBhdCAx
LTg3Ny01MzQtMjg2Ny4NCg0KRm9yIGFuIGV4cGxhbmF0aW9uIG9mIFNldmVyaXR5IFJhdGluZ3Ms
IHJlZmVyIHRvIEVNQyBLbm93bGVkZ2ViYXNlIHNvbHV0aW9uIGVtYzIxODgzMS4gRU1DIHJlY29t
bWVuZHMgYWxsIGN1c3RvbWVycyB0YWtlIGludG8gYWNjb3VudCBib3RoIHRoZSBiYXNlIHNjb3Jl
IGFuZCBhbnkgcmVsZXZhbnQgdGVtcG9yYWwgYW5kIGVudmlyb25tZW50YWwgc2NvcmVzIHdoaWNo
IG1heSBpbXBhY3QgdGhlIHBvdGVudGlhbCBzZXZlcml0eSBhc3NvY2lhdGVkIHdpdGggcGFydGlj
dWxhciBzZWN1cml0eSB2dWxuZXJhYmlsaXR5Lg0KDQpFTUMgQ29ycG9yYXRpb24gZGlzdHJpYnV0
ZXMgRU1DIFNlY3VyaXR5IEFkdmlzb3JpZXMsIGluIG9yZGVyIHRvIGJyaW5nIHRvIHRoZSBhdHRl
bnRpb24gb2YgdXNlcnMgb2YgdGhlIGFmZmVjdGVkIEVNQyBwcm9kdWN0cywgaW1wb3J0YW50IHNl
Y3VyaXR5IGluZm9ybWF0aW9uLiBFTUMgcmVjb21tZW5kcyB0aGF0IGFsbCB1c2VycyBkZXRlcm1p
bmUgdGhlIGFwcGxpY2FiaWxpdHkgb2YgdGhpcyBpbmZvcm1hdGlvbiB0byB0aGVpciBpbmRpdmlk
dWFsIHNpdHVhdGlvbnMgYW5kIHRha2UgYXBwcm9wcmlhdGUgYWN0aW9uLiBUaGUgaW5mb3JtYXRp
b24gc2V0IGZvcnRoIGhlcmVpbiBpcyBwcm92aWRlZCAiYXMgaXMiIHdpdGhvdXQgd2FycmFudHkg
b2YgYW55IGtpbmQuIEVNQyBkaXNjbGFpbXMgYWxsIHdhcnJhbnRpZXMsIGVpdGhlciBleHByZXNz
IG9yIGltcGxpZWQsIGluY2x1ZGluZyB0aGUgd2FycmFudGllcyBvZiBtZXJjaGFudGFiaWxpdHks
IGZpdG5lc3MgZm9yIGEgcGFydGljdWxhciBwdXJwb3NlLCB0aXRsZSBhbmQgbm9uLWluZnJpbmdl
bWVudC4gSW4gbm8gZXZlbnQsIHNoYWxsIEVNQyBvciBpdHMgc3VwcGxpZXJzLCBiZSBsaWFibGUg
Zm9yIGFueSBkYW1hZ2VzIHdoYXRzb2V2ZXIgaW5jbHVkaW5nIGRpcmVjdCwgaW5kaXJlY3QsIGlu
Y2lkZW50YWwsIGNvbnNlcXVlbnRpYWwsIGxvc3Mgb2YgYnVzaW5lc3MgcHJvZml0cyBvciBzcGVj
aWFsIGRhbWFnZXMsIGV2ZW4gaWYgRU1DIG9yIGl0cyBzdXBwbGllcnMgaGF2ZSBiZWVuIGFkdmlz
ZWQgb2YgdGhlIHBvc3NpYmlsaXR5IG9mIHN1Y2ggZGFtYWdlcy4gU29tZSBzdGF0ZXMgZG8gbm90
IGFsbG93IHRoZSBleGNsdXNpb24gb3IgbGltaXRhdGlvbiBvZiBsaWFiaWxpdHkgZm9yIGNvbnNl
cXVlbnRpYWwgb3IgaW5jaWRlbnRhbCBkYW1hZ2VzLCBzbyB0aGUgZm9yZWdvaW5nIGxpbWl0YXRp
b24gbWF5IG5vdCBhcHBseS4NCg0KDQotLS0tLUJFR0lOIFBHUCBTSUdOQVRVUkUtLS0tLQ0KVmVy
c2lvbjogR251UEcgdjINCg0KaVFFY0JBRUJDQUFHQlFKWWY0aTlBQW9KRUhiY3UrZnNFODFaUmJ3
SC8yenFoN2E0eVVNQTFwdVg2LzVIeE1sag0KL0hUbit5MzNpU2Z4Vm9EaTA5WURGckttc0R0N0JC
ZU9XakswU1lSQnJNOW1hVVhuN2pYNzVVOUVUZGNZMTU2Nw0KamwxOWF6Tnk1YTAyaHE4WVk3cTll
bTdqbTI2S0NNWGFLdnNSTnk1cng4TUQ0SEY0VXY0NWtOQ1E1cXBmVnBwSg0KMTdzeTRmaWw3QXhV
Y2g2N01Vd3d2aG51UTRQN1F6dEFkVDQ3cHA0amZyU3BpUUgzZjlYeE4rUFhYNzRtUDNpSg0KYmVz
QkI0dTJCblhHZ0JIb1k1UjVSU3RZZFFqYU1pL0xGbTh4eXRyTFFNTG4vTFE0UGg5TmcybVFmSGts
YjdELw0KaVR1YjMxcHpXcHZtekV1RUNaSHFPbDFMaGhBRGRPazZoZFdCUUY3SnhrdG53c3o4Rm5S
RVlXaWR5QUdSWXJnPQ0KPVhlcVgNCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQ0K

--_002_1BF8853173D9704A93EF882F85952A891CF363MX304CL04corpemcc_--