IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the following vulnerabilities in NTP and GNU C Library (glibc).
IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the following vulnerabilities in NTP and GNU C Library (glibc).
Vulnerability Details
CVE-ID: CVE-2014-8121
Description: GNU C Library (glibc) is vulnerable to a denial of service, caused by the failure to properly check if a file is open by DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS). By performing a look-up on a database while iterating over it, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/102652> for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-ID: CVE-2015-1781
Description: GNU C Library (glibc) is vulnerable to a buffer overflow, caused by improper bounds checking by the gethostbyname_r() and other related functions. By sending a specially-crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system elevated privileges or cause the application to crash.
CVSS Base Score: 5.1
CVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/102500> for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVE-ID: CVE-2015-7855
Description: Network Time Protocol (NTP) is vulnerable to a denial of service, caused by ASSERT botch instead of returning FAIL on some invalid values by the decodenetnum() function. An attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 5.3
CVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/107448> for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVE-ID: CVE-2015-7853
Description: Network Time Protocol (NTP) is vulnerable to a buffer overflow, caused by improper bounds checking by the refclock of ntpd. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/107438> for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVE-ID: CVE-2015-7692
Description: Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/107450> for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVE-ID: CVE-2015-7871
Description: Network Time Protocol (NTP) could allow a remote attacker to bypass restrictions, caused by a logic error when handling specific crypto-NAK packets. By sending an NTP symmetric active crypto-NAK packet, an attacker could exploit this vulnerability to bypass the symmetric association authentication process and make arbitrary changes to system time.
CVSS Base Score: 7.2
CVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/107436> for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L)
Product | Affected Version |
---|---|
IBM FLEX System EN6131 40Gb | |
Ethernet & IB6131 8 Gb Infiniband | |
Switch Firmware | 3.2-3.4 |
Firmware fix versions are available on Fix Central:
<http://www.ibm.com/support/fixcentral/>
You should verify applying the fix does not cause any compatibility issues.
Product | Fixed Version |
---|---|
IBM FLEX System EN6131 40Gb Ethernet & IB6131 8 Gb Infiniband Switch Firmware | |
(mlnx_fw_ppc_m460ex-sx-3.5.1000_anyos_noarch) | 3.5.1000 |
None
Related Information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Acknowledgement
None
Change History
23 March 2016: Original version published
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an “industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.