Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Intrusion Prevention System (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )

Summary

The unzip utility is used to list, test, or extract files from a zip archive. Security vulnerabilities have been discovered in unzip used with IBM Security Network Intrusion Prevention System.

Vulnerability Details

CVE ID: CVE-2014-8139

DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer overflow, caused by improper bounds checking within the CRC32 verification. A local attacker could overflow a buffer and execute arbitrary code on the system.

CVSS Base Score: 4.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/99371&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2014-8140

DESCRIPTION: Info-ZIP UnZip is vulnerable to a buffer overflow, caused by improper bounds checking by the test_compr_eb() function. A local attacker could overflow a buffer and execute arbitrary code on the system.

CVSS Base Score: 4.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/99372&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2014-8141

DESCRIPTION: Info-ZIP UnZip is vulnerable to a buffer overflow, caused by improper bounds checking by the getZip64Data() function. A local attacker could overflow a buffer and execute arbitrary code on the system.

CVSS Base Score: 4.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/99373&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2014-9636

DESCRIPTION: Info-ZIP UnZip is vulnerable to a denial of service, caused by an out-of-bound access in extract.c. By persuading a victim to open a specially-crafted zip file, a local attacker could exploit this vulnerability to cause the application to crash.

CVSS Base Score: 1.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/100264&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Products: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000

Firmware versions 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3

Remediation/Fixes

Product

| VRMF| Remediation/First Fix
—|—|—
IBM Security Network Intrusion Prevention System | Firmware version 4.6.2| 4.6.2.0-ISS-ProvG-AllModels-System-FP0009
IBM Security Network Intrusion Prevention System | Firmware version 4.6.1| 4.6.1.0-ISS-ProvG-AllModels-System-FP0013
IBM Security Network Intrusion Prevention System | Firmware version 4.6| 4.6.0.0-ISS-ProvG-AllModels-System-FP0011
IBM Security Network Intrusion Prevention System | Firmware version 4.5| 4.5.0.0-ISS-ProvG-AllModels-System-FP0013
IBM Security Network Intrusion Prevention System | Firmware version 4.4| 4.4.0.0-ISS-ProvG-AllModels-System-FP0013
IBM Security Network Intrusion Prevention System | Firmware version 4.3| 4.3.0.0-ISS-ProvG-AllModels-System-FP0011

Workarounds and Mitigations

None