Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2EB88EA4D78F737250FE1F53A5FBA5002C9D5DB0B0AC64AEA952FE8504CD5896
HistoryMar 28, 2019 - 5:55 p.m.

Security Bulletin: IBM Security Directory Suite is affected by multiple vulnerabilities (CVE-2016-10142, CVE-2015-3331, CVE-2014-2523)

2019-03-2817:55:02
www.ibm.com
26

0.075 Low

EPSS

Percentile

94.1%

JSON

Summary

IBM Security Directory Suite (ISDS) has addressed the following vulnerabilities due to buffer overflow, remote arbitrary code execution, and denial of service.

Vulnerability Details

CVEID: CVE-2016-10142 DESCRIPTION: The IETF IPv6 protocol is vulnerable to a denial of service. By leveraging the generation of IPv6 atomic fragments and using the fragments in an arbitrary IPv6 flow, a remote attacker could exploit this vulnerability to perform any type of a fragmentation-based attack against legacy IPv6 nodes and trigger a kernel panic.
CVSS Base Score: 8.6
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/124080&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

CVEID: CVE-2015-3331 DESCRIPTION: Linux Kernel, built with the Intel AES-NI instructions for AES algorithm support (CONFIG_CRYPTO_AES_NI_INTEL), is vulnerable to a buffer overflow, caused by improper bounds checking by the RFC4106 GCM mode decryption functionality. By sending fragmented packets using the Intel AES-NI instruction, a remote attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103483&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2014-2523 DESCRIPTION: Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by an error in the /netfilter/nf_conntrack_proto_dccp.c file. By sending a specially-crafted DCCP packet, an attacker could exploit this vulnerability to corrupt kernel stack memory and execute arbitrary code on the system with kernel privileges.
CVSS Base Score: 10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91910&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Affected Products and Versions

Product Version
IBM Security Directory Suite 8.0.1 - 8.0.1.9

Remediation/Fixes

Product

| VRMF |Remediation
—|—|—
IBM Security Directory Suite | 8.0.1 - 8.0.1.9 | 8.0.1.10-ISS-ISDS_20190223-0443

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security directory suiteeq8.0.1

Related

ibm 8
prion 3
openvas 43
redhatcve 1
cve 3
nessus 55
ubuntucve 3
f5 3
nvd 3
veracode 8
cvelist 3
redhat 12
debiancve 2
centos 4
altlinux 3
seebug 1
amazon 2
ubuntu 12
securityvulns 5
oraclelinux 11
suse 6
mageia 3
debian 2
osv 1
virtuozzo 2
ibm
ibm
Security Bulletin: IBM Security Access Manager Appliance is affected by multiple kernel vulnerabilities
2018-08-24 04:07:21
Security Bulletin: IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities (CVE-2017-6464, CVE-2017-6463, CVE-2017-6462, CVE-2015-3331, CVE-2014-2523)
2019-03-26 21:35:01
Security Bulletin: IBM MQ Appliance is affected by a kernel vulnerability (CVE-2014-2523)
2018-07-31 13:47:03
prion
prion
Design/Logic Flaw
2017-01-14 07:59:00
Buffer overflow
2015-05-27 10:59:00
Design/Logic Flaw
2014-03-24 16:40:00
openvas
openvas
Juniper Networks Junos OS ICMPv6 DoS Vulnerability
2017-04-13 00:00:00
RedHat Update for kernel RHSA-2015:0987-01
2015-06-09 00:00:00
Oracle: Security Advisory (ELSA-2015-0987)
2015-10-06 00:00:00
redhatcve
redhatcve
CVE-2016-10142
2017-01-24 04:47:24
cve
cve
CVE-2016-10142
2017-01-14 07:59:00
CVE-2015-3331
2015-05-27 10:59:07
CVE-2014-2523
2014-03-24 16:40:48
nessus
nessus
Juniper Junos ICMPv6 PTB Atomic Fragment DoS (JSA10780)
2017-07-06 00:00:00
F5 Networks BIG-IP : IPv6 fragmentation vulnerability (K57211290)
2017-07-13 00:00:00
RHEL 6 : MRG (RHSA-2015:0989)
2015-05-13 00:00:00
ubuntucve
ubuntucve
CVE-2016-10142
2017-01-14 00:00:00
CVE-2015-3331
2015-04-21 00:00:00
CVE-2014-2523
2014-03-24 00:00:00
f5
f5
K57211290 : IPv6 fragmentation vulnerability CVE-2016-10142
2017-07-12 00:00:00
SOL16819 - Linux kernel vulnerability CVE-2015-3331
2015-06-29 00:00:00
K16819 : Linux kernel vulnerability CVE-2015-3331
2015-06-30 00:00:00
nvd
nvd
CVE-2016-10142
2017-01-14 07:59:00
CVE-2015-3331
2015-05-27 10:59:07
CVE-2014-2523
2014-03-24 16:40:48
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:51:57
Denial Of Service (DoS)
2019-01-15 09:05:52
Sensitive Information Disclosure
2019-05-02 04:57:44
cvelist
cvelist
CVE-2016-10142
2017-01-14 06:56:00
CVE-2015-3331
2015-05-27 10:00:00
CVE-2014-2523
2014-03-24 10:00:00
redhat
redhat
(RHSA-2015:0989) Important: kernel-rt security, bug fix, and enhancement update
2015-05-12 00:00:00
(RHSA-2015:0981) Important: kernel-rt security, bug fix, and enhancement update
2015-05-12 20:50:51
(RHSA-2015:0987) Important: kernel security and bug fix update
2015-05-12 00:00:00
debiancve
debiancve
CVE-2015-3331
2015-05-27 10:59:07
CVE-2014-2523
2014-03-24 16:40:48
centos
centos
kernel, perf, python security update
2015-05-13 16:57:56
kernel, perf, python security update
2014-05-08 17:53:25
kernel, perf, python security update
2015-06-10 09:06:44
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-un-def version 1:3.13.6-alt2
2014-03-21 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt19
2014-03-22 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt22
2014-05-09 00:00:00
seebug
seebug
Linux Kernel DCCP报文处理内存破坏漏洞
2014-03-19 00:00:00
amazon
amazon
Medium: kernel
2015-05-14 14:27:00
Medium: kernel
2014-04-22 10:53:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2014-04-26 00:00:00
Linux kernel vulnerabilities
2014-04-26 00:00:00
Linux kernel vulnerabilities
2015-05-20 00:00:00
securityvulns
securityvulns
[USN-2173-1] Linux kernel vulnerabilities
2014-05-04 00:00:00
[USN-2631-1] Linux kernel vulnerabilities
2015-06-13 00:00:00
Linux kernel multiple security vulnerabilities
2015-05-10 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2014-03-27 00:00:00
kernel security and bug fix update
2015-05-12 00:00:00
unbreakable enterprise kernel security update
2014-03-26 00:00:00
suse
suse
Live patch for the Linux Kernel (important)
2015-09-04 12:16:25
Live patch for the Linux Kernel (important)
2015-09-04 12:09:23
Live patch for the Linux Kernel (important)
2015-09-04 12:11:01
mageia
mageia
Updated kernel package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-linus package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-tmb packages fix security vulnerabilities
2015-05-13 18:54:07
debian
debian
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
osv
osv
linux - security update
2015-04-26 00:00:00
virtuozzo
virtuozzo
Kernel security update: new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2017-03-30 00:00:00
Kernel security update: new kernel 2.6.32-042stab123.1, Virtuozzo 6.0 Update 12 Hotfix 7 (6.0.12-)
2017-03-30 00:00:00

0.075 Low

EPSS

Percentile

94.1%

JSON
Related for 2EB88EA4D78F737250FE1F53A5FBA5002C9D5DB0B0AC64AEA952FE8504CD5896
ibm8prion3openvas43redhatcve1cve3nessus55ubuntucve3f53nvd3veracode8cvelist3redhat12debiancve2centos4altlinux3seebug1amazon2ubuntu12securityvulns5oraclelinux11suse6mageia3debian2osv1virtuozzo2