Security Bulletin: Multiple vulnerabilities in Ubuntu affect IBM API Connect Developer Portal

Published 2018-06-23 02:50:14, www.ibm.com

Summary

IBM API Connect Developer Portal has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-1126
DESCRIPTION: procps-ng procps is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143456 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2018-1125
DESCRIPTION: procps-ng procps is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143455 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2018-1124
DESCRIPTION: procps-ng procps could allow a local authenticated attacker to gain elevated privileges on the system, caused by an integer overflow in the file2strvec function in libprocps. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143454 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-1123
DESCRIPTION: procps-ng procps is vulnerable to a denial of service, caused by a mmap-based buffer overflow flaw in the ps function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143453 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-1122
DESCRIPTION: procps-ng procps could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw when the HOME environment variable is unset or empty. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143452 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-1000301
DESCRIPTION: curl is vulnerable to a denial of service, caused by a heap-based buffer over-read. By sending a specially crafted RTSP response, a remote attacker could overflow a buffer and possibly obtain sensitive information or cause the application to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143390 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)

CVEID: CVE-2018-1000300
DESCRIPTION: curl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when closing down an FTP connection with very long server command replies. By sending an overly long FTP shutdown response, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143388 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2018-0494
DESCRIPTION: GNU Wget could allow a remote attacker to bypass security restrictions, caused by the failure to properly process Set-Cookie responses. By sending a specially crafted Set-Cookie header, an attacker could exploit this vulnerability to inject arbitrary cookies into the cookie jar file and set and modify cookies on the target system.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/142899 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

| Affected API Connect | Affected Versions |
|---|---|
| IBM API Connect | 5.0.0.0-5.0.8.3 |

Remediation/Fixes

| Affected Product | Addressed in VRMF | APAR | Remediation / First Fix |
|---|---|---|---|
| IBM API Connect | 5.0.8.3 iFix | LI80174 | Addressed in IBM API Connect V5.0.8.3 iFix. |

Developer Portal is impacted.

Follow this link and find the “APIConnect-Portal” package dated on or after 2018/06/11:

https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.3&platform=All&function=all

Workarounds and Mitigations

None