ID CVE-2018-1426 Type cve Reporter cve@mitre.org Modified 2020-08-24T17:37:00
Description
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071.
{"aix": [{"lastseen": "2019-05-29T19:19:12", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1427", "CVE-2016-0702", "CVE-2018-1388", "CVE-2018-1426", "CVE-2018-1447"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Fri Dec 14 12:09:04 CST 2018\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/itds_advisory2.asc\nhttps://aix.software.ibm.com/aix/efixes/security/itds_advisory2.asc\nftp://aix.software.ibm.com/aix/efixes/security/itds_advisory2.asc\n\nSecurity Bulletin: Vulnerabilities in GSKit affect IBM Tivoli Directory\n Server and IBM Security Directory Server for AIX\n\n===============================================================================\n\nSUMMARY:\n\n There are multiple vulnerabilities in GSKit that affect IBM Tivoli\n Directory Server and IBM Security Directory Server for AIX. \n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2018-1388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1388\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1388\n DESCRIPTION: GSKit V7 may disclose side channel information via \n discrepencies between valid and invalid PKCS#1 padding. \n CVSS Base Score: 9.1\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/138212\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n CVEID: CVE-2018-1427\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1427\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1427\n DESCRIPTION: IBM GSKit contains several enviornment variables that a local\n attacker could overflow and cause a denial of service.\n CVSS Base Score: 6.2\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/139072\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2018-1426\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1426\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1426\n DESCRIPTION: IBM GSKit duplicates the PRNG state across fork() system \n calls when multiple ICC instances are loaded which could result in \n duplicate Session IDs and a risk of duplicate key material.\n CVSS Base Score: 7.4\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/139071\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n CVEID: CVE-2016-0702\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702\n DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive \n information, caused by a side-channel attack against a system based on\n the Intel Sandy-Bridge microarchitecture. An attacker could exploit \n this vulnerability to recover RSA keys.\n CVSS Base Score: 2.9\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/111144\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2018-1447\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1447\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1447\n DESCRIPTION: The GSKit CMS KDB logic fails to salt the hash function \n resulting in weaker than expected protection of passwords. A weak \n password may be recovered. Note: After update the customer should \n change password to ensure the new password is stored more securely. \n Products should encourage customers to take this step as a high \n priority action.\n CVSS Base Score: 5.1\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/139972\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n\nAFFECTED PRODUCTS AND VERSIONS:\n\n AIX 5.3, 6.1, 7.1, 7.2\n VIOS 2.2.x\n\n The following fileset levels (VRMF) are vulnerable, if the\n respective IBM Tivoli Directory Server (ITDS) or IBM Security Directory\n Server (ISDS) version is installed:\n For ITDS 6.2.0: Less than 6.2.0.56\n For ITDS 6.3.0: Less than 6.3.0.49\n For ISDS 6.3.1: Less than 6.3.1.24\n For ISDS 6.4.0: Less than 6.4.0.16\n\n Note: To find out whether the affected ITDS or ISDS filesets are \n installed on your systems, refer to the lslpp command found in AIX\n user's guide.\n\n Example: lslpp -L | grep -i itds\n\n\nREMEDIATION:\n\n Note: Recommended remediation is to always install the most recent\n package available for the respective IBM Tivoli Directory Server or\n IBM Security Directory Server version.\n\n IBM Tivoli Directory Server 6.2.0, 6.2.0.56 or later: \n https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.52&platform=AIX&function=all\n\n IBM Tivoli Directory Server 6.3.0, 6.3.0.49 or later:\n https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.45&platform=AIX&function=all\n\n IBM Security Directory Server 6.3.1, 6.3.1.24 or later:\n https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Directory+Server&release=6.3.1.20&platform=AIX&function=all\n\n IBM Security Directory Server 6.4.0, 6.4.0.16 or later:\n https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Directory+Server&release=6.4.0.11&platform=AIX&function=all\n\n\nWORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n\n Contact IBM Support for questions related to this announcement:\n\n http://ibm.com/support/\n https://ibm.com/support/\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n\n Complete CVSS v2 Guide:\n http://www.first.org/cvss/v2/guide\n On-line Calculator v2:\n http://nvd.nist.gov/CVSS-v2-Calculator\n Complete CVSS v3 Guide:\n http://www.first.org/cvss/user-guide\n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0\n\n\nRELATED INFORMATION:\n\n Security Bulletin: Vulnerabilities in GSKit affect IBM Tivoli Directory\n Server and IBM Security Directory Server for AIX\n http://www-01.ibm.com/support/docview.wss?uid=ibm10788069\n\n\nACKNOWLEDGEMENTS:\n\n None.\n\nCHANGE HISTORY:\n\n First Issued: Fri Dec 14 12:09:04 CST 2018\n\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will\nultimately impact the Overall CVSS Score. Customers can evaluate the impact\nof this vulnerability in their environments by accessing the links in the\nReference section of this Security Bulletin.\n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the\nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard\ndesigned to convey vulnerability severity and help to determine urgency and\npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY\nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS\nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT\nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n\n\n", "edition": 3, "modified": "2018-12-14T12:09:04", "published": "2018-12-14T12:09:04", "id": "ITDS_ADVISORY2.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/itds_advisory2.asc", "title": "Vulnerabilities in GSKit affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX", "type": "aix", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-08T03:18:43", "description": "The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities, including the following:\n\n - IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across\n fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and\n a risk of duplicate key material. (CVE-2018-1426)\n\n - The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6)\n CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A\n weak password may be recovered. Note: After update the customer should change password to ensure the new\n password is stored more securely. Products should encourage customers to take this step as a high priority\n action. (CVE-2018-1447)\n\n - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before\n 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA\n and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks\n against DH are considered just feasible (although very difficult) because most of the work necessary to\n deduce information about a private key may be performed offline. The amount of resources required for such\n an attack would be very significant and likely only accessible to a limited number of attackers. An\n attacker would additionally need online access to an unpatched system using the target private key in a\n scenario with persistent DH parameters and a private key that is shared between multiple clients. For\n example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very\n similar to CVE-2015-3193 but must be treated as a separate problem. (CVE-2017-3732)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-01-06T00:00:00", "title": "IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 Multiple Vulnerabilities (569301)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7056", "CVE-2018-1427", "CVE-2016-0702", "CVE-2015-3193", "CVE-2017-3732", "CVE-2018-1426", "CVE-2018-1447", "CVE-2017-3736"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/a:ibm:http_server"], "id": "IBM_HTTP_SERVER_569301.NASL", "href": "https://www.tenable.com/plugins/nessus/144773", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144773);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/07\");\n\n script_cve_id(\n \"CVE-2016-0702\",\n \"CVE-2016-7056\",\n \"CVE-2017-3732\",\n \"CVE-2017-3736\",\n \"CVE-2018-1426\",\n \"CVE-2018-1427\",\n \"CVE-2018-1447\"\n );\n script_bugtraq_id(\n 83740,\n 95375,\n 95814,\n 101666,\n 103536,\n 104511,\n 105580\n );\n\n script_name(english:\"IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 Multiple Vulnerabilities (569301)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities, including the following:\n\n - IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across\n fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and\n a risk of duplicate key material. (CVE-2018-1426)\n\n - The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6)\n CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A\n weak password may be recovered. Note: After update the customer should change password to ensure the new\n password is stored more securely. Products should encourage customers to take this step as a high priority\n action. (CVE-2018-1447)\n\n - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before\n 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA\n and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks\n against DH are considered just feasible (although very difficult) because most of the work necessary to\n deduce information about a private key may be performed offline. The amount of resources required for such\n an attack would be very significant and likely only accessible to a limited number of attackers. An\n attacker would additionally need online access to an unpatched system using the target private key in a\n scenario with persistent DH parameters and a private key that is shared between multiple clients. For\n example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very\n similar to CVE-2015-3193 but must be treated as a separate problem. (CVE-2017-3732)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/569301\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM HTTP Server version 7.0.0.45, 8.5.5.14, 9.0.0.8, or later. Alternatively, upgrade to the minimal fix\npack levels required by the interim fix and then apply Interim Fix PI91913 or PI94222.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1426\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:http_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_http_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM HTTP Server\");\n\n exit(0);\n}\n\n\ninclude('vcf.inc');\n\napp = 'IBM HTTP Server';\nfix = 'Interim Fix PI94222';\n\napp_info = vcf::get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\nif ('PI91913' >< app_info['Fixes'] || 'PI94222' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n { 'min_version' : '7.0.0.0', 'max_version' : '7.0.0.43', 'fixed_display' : '7.0.0.45 or Interim Fix PI91913'},\n { 'min_version' : '8.0.0.0', 'max_version' : '8.0.0.14', 'fixed_display' : fix },\n { 'min_version' : '8.5.0.0', 'max_version' : '8.5.5.13', 'fixed_display' : '8.5.5.14 or ' + fix },\n { 'min_version' : '9.0.0.0', 'max_version' : '9.0.0.7', 'fixed_display' : '9.0.0.8 or ' + fix }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}]}
