Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM0A204DD5BCD9CB120DDB3468A70472E922DC429770CAC8B466E7319ED3FCC1AE
HistoryJan 31, 2019 - 1:35 a.m.

Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)

2019-01-3101:35:01
www.ibm.com
11

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

Summary

Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2).

Vulnerability Details

Abstract

Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2).

Vulnerability Details

CVE-ID: CVE-2014-2653

Description: OpenSSH could allow a remote attacker to bypass security restrictions, caused by an error in the SSH client when handling a HostCertificate. By persuading a victim to visit a specially-crafted Web site containing a malicious certificate, an attacker could exploit this vulnerability using a malicious server to disable SSHFP-checking.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/92116&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE-ID: CVE-2014-2532

Description: OpenSSH could allow a remote attacker to bypass security restrictions, caused by the inclusion of wildcard characters in the AcceptEnv lines of the sshd_config configuration file within the sshd program. By using a substring before a wildcard character, an attacker could exploit this vulnerability to bypass intended environment restrictions.

CVSS Base Score: 5
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/91986&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVE-ID: CVE-2013-2174

Description: cURL/libcURL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the curl_easy_unescape() function in lib/escape.c. While decoding URL encoded strings to raw binary data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVSS Base Score: 6.8
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/85180&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE-ID: CVE-2014-4545

Description: cURL/libcURL could allow a remote attacker to conduct spoofing attacks, caused by the improper validation of connection host name in TLS/SSL server certificates when the digital signature verification is disabled. By persuading a victim to visit a Web site containing a specially-crafted certificate, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to cause the victim to accept spoofed certificates.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/89181&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE-ID: CVE-2014-0015

Description: libcURL could allow a remote attacker from within the local network to bypass security restrictions, caused by the re-use of recently authenticated connections. By sending a new NTLM-authenticated request, an attacker could exploit this vulnerability to perform unauthorized actions with the privileges of the victim.

CVSS Base Score: 5.0
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/90841&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

CVE-ID: CVE-2014-0138

Description: cURL/libcURL could allow a remote attacker to bypass security restrictions, caused by the re-use of previously used connections when processing new requests. An attacker could exploit this vulnerability to hijack the privileges of a different user’s session and launch further attacks on the system.

CVSS Base Score: 6.4
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/92131&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVE-ID: CVE-2014-0139

Description: cURL/libcURL could allow a remote attacker to bypass security restrictions, caused by an error in the hostmatch() function when validating certificates containing an IP address with a wildcard match within the Common Name field. By sending a specially-crafted SSL certificate containing wildcard characters, a remote attacker could exploit this vulnerability to spoof the server and launch further attacks on the system.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/92130&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVE-ID: CVE-2014-3509

Description: OpenSSL is vulnerable to a denial of service, caused by a race condition in the ssl_parse_serverhello_tlsext() code. If a multithreaded client connects to a malicious server using a resumed session, a remote attacker could exploit this vulnerability to cause a denial of service.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95159&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3506

Description: OpenSSL is vulnerable to a denial of service, caused by an error when processing DTLS handshake messages. A remote attacker could exploit this vulnerability to consume an overly large amount of memory.

CVSS Base Score: 5
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95160&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3507

Description: OpenSSL is vulnerable to a denial of service. By sending specially-crafted DTLS packets, a remote attacker could exploit this vulnerability to leak memory and cause a denial of service.

CVSS Base Score: 5
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95161&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3511

Description: OpenSSL could allow a remote attacker to bypass security restrictions, caused by the negotiation of TLS 1.0 instead of higher protocol versions by the OpenSSL SSL/TLS server code when handling a badly fragmented ClientHello message. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to TLS 1.0.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95162&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE-ID: CVE-2014-3505

Description: OpenSSL is vulnerable to a denial of service, caused by a double-free error when handling DTLS packets. A remote attacker could exploit this vulnerability to cause the system to crash.

CVSS Base Score: 5
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95163&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3510

Description: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in anonymous ECDH ciphersuites. A remote attacker could exploit this vulnerability using a malicious handshake to cause the client to crash.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95164&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3508

Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in OBJ_obj2txt. If applications echo pretty printing output, an attacker could exploit this vulnerability to read information from the stack.

CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/95165&gt; for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Affected products and versions

Integrated Management Module II (IMM2) firmware is affected on the following hardware platforms on the level listed further below:

  • iDatplex dx360 M4, types 7912, 7913
  • iDatplex dx360 M4 Water Cooled, types 7918, 7919
  • Flex System x220 Compute Node, types 7906, 2585
  • Flex System x222 Compute Node, type 7916
  • Flex System x240 Compute Node, types 8737, 8738, 7863, 8956
  • Flex System x440 Compute Node, type 7917
  • Flex System x880 Compute Node, types 4259,7903
  • Flex System Manager Node, types 8731, 8734, 7955
  • NeXtScale nx360 M4, type 5455
  • System x3100 M4, type 2582
  • System x3100 M5, type 5457
  • System x3250 M4, type 2583
  • System x3250 M5, type 5458
  • System x3300 M4, type 7382
  • System x3500 M4, type 7383
  • System x3530 M4, type 7160
  • System x3550 M4, type 7914
  • System x3630 M4, type 7158
  • System x3650 M4 BD, type 5466
  • System x3650 M4 HD, type 5460
  • System x3650 M4, type 7915
  • System x3750 M4, types 8752, 8718
  • System x3750 M4, types 8722, 8733
  • System x3850 X6, Type 3837
  • System x3950 X6, Type 3837

The following IMM2 firmware levels for the above products are affected:

  • v1.00 (1AOO10I)
  • v1.05 (1AOO10K)
  • v1.25 (1AOO26K)
  • v1.26 (1AOO26N)
  • v1.32 (1AOO28N)
  • v1.34 (1AOO28Q)
  • v1.38 (1AOO30D)
  • v1.40 (1AOO30T)
  • v1.45 (1AOO28S)
  • v1.50 (1AOO30W)
  • v1.51 (1AOO30Y)
  • v1.52 (1AOO34A)
  • v1.53 (1AOO30Z)
  • v1.59 (1AOO32K)
  • v1.60 (1AOO32P)
  • v1.65 (1AOO32O)
  • v1.75 (1AOO32S)
  • v1.77 (1AOO32K)
  • v1.78 (1AOO36E)
  • v1.79 (1AOO36F)
  • v1.85 (1AOO34Z)
  • v1.86 (1AOO40D)
  • v1.88 (1AOO40A)
  • v1.95 (1AOO36P)
  • v1.97 (1AOO36R)
  • v2.00 (1AOO40E)
  • v2.06 (1AOO42B)
  • v2.50 (1AOO40Z)
  • v2.52 (1AOO42E)
  • v2.60 (1AOO41W)
  • v2.61 (1AOO44Y)
  • v2.62 (1AOO56T)
  • v3.10 (1AOO48H)
  • v3.20 (1AOO48k)
  • v3.30 (1AOO36R)
  • v3.35 (1AOO48N)
  • v3.36 (1AOO48G)
  • v3.37 (1AOO48P)
  • v3.40 (1AOO48M)
  • v3.50 (1AOO50B)
  • v3.55 (1AOO50E)
  • v3.56 (1AOO50K)
  • v3.65 (1AOO50D)
  • v3.67 (1AOO50Q)
  • v3.70 (1AOO52Q)
  • v3.71 (1AOO52W)
  • v3.73 (1AOO56D)
  • v3.74 (1AOO52R)
  • v3.75 (1AOO56F)
  • v3.76 (1AOO52S)
  • v3.76 (1AOO56Q)
  • v3.77 (1AOO56H)
  • v3.78 (1AOO52Y)
  • v3.79 (1AOO56Q)
  • v3.80 (1AOO52U)
  • v3.81 (1AOO52Z)
  • v3.82 (1AOO56E)
  • v3.83 (1AOO56I)
  • v3.84 (1AOO56K)
  • v3.85 (1AOO56U)
  • v3.86 (1AOO56L)
  • v3.86 (1AOO56V)
  • v3.90 (1AOO54X)
  • v3.91 (1AOO56P)
  • v3.91 (1AOO58Q)
  • v4.00 (1AOO58I)
  • v4.02 (1AOO58S)
  • v4.10 (1AOO58F)
  • v4.20 (1AOO58R)
  • v4.21 (1AOO58U)
  • v4.31 (1AOO58T)

Remediation/Fixes:

IBM recommends that you upgrade the following affected system to Integrated Management Module 2 v4.60 (1A0064P):

  • NeXtScale nx360 M4, type 5455

IBM recommends that you upgrade the following affected systems to Integrated Management Module 2 v4.50 (1A0064L):

  • Flex System x220 Compute Node, types 7906, 2585
  • Flex System x222 Compute Node, type 7916
  • Flex System x240 Compute Node, types 8737, 8738, 7863, 8956
  • Flex System x440 Compute Node, type 7917
  • Flex System x880 Compute Node, types 4259,7903
  • Flex System Manager Node, types 8731, 8734, 7955
  • System x3100 M5, type 5457

IBM recommends that you upgrade the following systems to Integrated Management Module 2 v4.55 (1A0064N):

  • iDatplex dx360 M4, types 7912, 7913
  • iDatplex dx360 M4 Water Cooled, types 7918, 7919
  • System x3100 M4, type 2582
  • System x3300 M4, type 7382
  • System x3250 M4, type 2583
  • System x3250 M5, type 5458
  • System x3530 M4, type 7160
  • System x3500 M4, type 7383
  • System x3550 M4, type 7914
  • System x3630 M4, type 7158
  • System x3750 M4, types 8752, 8718
  • System x3750 M4, types 8722, 8733
  • System x3650 M4 BD, type 5466
  • System x3650 M4 HD, type 5460
  • System x3650 M4, type 7915

Workaround(s) & Mitigation(s)

None

References:

Related Information:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Subscribe to Security Bulletins

Acknowledgement

None

Change History
9 December 2014: Original Copy Published

  • The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an “industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Related

ibm 38
openvas 41
nessus 63
oraclelinux 5
redhat 5
centos 3
debian 7
osv 4
amazon 3
freebsd 1
aix 2
mageia 2
securityvulns 1
kaspersky 1
slackware 1
huawei 1
ubuntu 2
freebsd_advisory 1
f5 6
fedora 5
altlinux 5
gentoo 1
cvelist 1
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)
2019-01-31 01:55:01
Security Bulletin: Multiple potential vulnerabilities in OpenSSL fixed in Chassis Management Module (CMM) (CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508)
2019-01-31 01:35:01
Security Bulletin: Seven (7) Vulnerabilities in OpenSSL affect IBM FlashSystem 840 and V840 (CVEs)
2023-02-18 01:45:50
openvas
openvas
Oracle: Security Advisory (ELSA-2014-1052)
2015-10-06 00:00:00
CentOS Update for openssl CESA-2014:1052 centos7
2014-09-10 00:00:00
CentOS Update for openssl CESA-2014:1052 centos6
2014-08-14 00:00:00
nessus
nessus
RHEL 6 : openssl (RHSA-2014:1054)
2014-11-08 00:00:00
Oracle Linux 6 / 7 : openssl (ELSA-2014-1052)
2014-08-14 00:00:00
Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140813)
2014-08-15 00:00:00
oraclelinux
oraclelinux
openssl security update
2014-08-13 00:00:00
openssl security update
2014-08-13 00:00:00
openssh security, bug fix, and enhancement update
2014-10-15 00:00:00
redhat
redhat
(RHSA-2014:1052) Moderate: openssl security update
2014-08-13 00:00:00
(RHSA-2014:1054) Moderate: openssl security update
2014-08-14 00:00:00
(RHSA-2014:1053) Moderate: openssl security update
2014-08-13 00:00:00
centos
centos
openssl security update
2014-08-13 20:10:43
openssl security update
2014-08-13 19:52:24
openssh, pam_ssh_agent_auth security update
2014-10-20 18:10:27
debian
debian
[DLA 33-1] openssl security update
2014-08-07 20:36:26
[SECURITY] [DSA 2998-1] openssl security update
2014-08-06 23:45:18
[SECURITY] [DSA 2894-1] openssh security update
2014-04-05 15:06:26
osv
osv
openssl - security update
2014-08-07 00:00:00
openssh - security update
2014-04-05 00:00:00
curl - security update
2014-04-13 00:00:00
amazon
amazon
Medium: openssl
2014-08-07 12:26:00
Medium: openssh
2014-07-09 16:32:00
Medium: curl
2014-04-10 23:54:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-08-06 00:00:00
aix
aix
AIX OpenSSL Denial of Service due to double free and others
2014-09-09 00:50:00
AIX OpenSSH Vulnerability
2014-06-17 04:07:12
mageia
mageia
Updated openssl packages fix security vulnerabilities
2014-08-12 13:16:46
Updated curl packages fix multiple vulnerabilities
2014-04-03 04:56:35
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-08-07 00:00:00
kaspersky
kaspersky
KLA10343 Multiple vulnerabilities in Stunnel
2014-08-07 00:00:00
slackware
slackware
[slackware-security] openssl
2014-08-08 21:22:00
huawei
huawei
Security Advisory-9 OpenSSL vulnerabilities on Huawei products
2014-10-08 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-08-07 00:00:00
curl vulnerabilities
2014-04-14 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:18.openssl
2014-09-09 00:00:00
f5
f5
K15573 : OpenSSL DTLS vulnerabilities CVE-2014-3505, CVE-2014-3506, and CVE-2014-3507
2015-09-15 00:00:00
SOL15573 - OpenSSL DTLS vulnerabilities CVE-2014-3505, CVE-2014-3506, and CVE-2014-3507
2014-09-05 00:00:00
K15862 : Multiple cURL and libcurl vulnerabilities CVE-2014-0015, CVE-2014-0138, and CVE-2014-0139
2014-11-25 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: curl-7.29.0-17.fc19
2014-03-31 02:12:04
[SECURITY] Fedora 20 Update: openssh-6.4p1-4.fc20
2014-05-21 23:23:52
[SECURITY] Fedora 19 Update: openssh-6.2p2-8.fc19
2014-06-10 02:51:15
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1j-alt1
2014-10-30 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2014-06-22 00:00:00
cvelist
cvelist
CVE-2014-0138
2014-04-15 14:00:00

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON
Related for 0A204DD5BCD9CB120DDB3468A70472E922DC429770CAC8B466E7319ED3FCC1AE
ibm38openvas41nessus63oraclelinux5redhat5centos3debian7osv4amazon3freebsd1aix2mageia2securityvulns1kaspersky1slackware1huawei1ubuntu2freebsd_advisory1f56fedora5altlinux5gentoo1cvelist1