Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2B72C41D149C40A9B491A3A86D935BD73FFE090411B9686635B1FA6BB4615773
HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerability in glibc affects Power Hardware Management Console (CVE-2016-3075)

2021-09-2301:31:39
www.ibm.com
12

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

81.4%

JSON

Summary

glibc is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE.

Vulnerability Details

CVEID: CVE-2016-3075**
DESCRIPTION:** GNU C Library (glibc) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nss_dns implementation of the getnetbyname function. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113796 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Affected Products and Versions

Power HMC V8.8.6.0

Remediation/Fixes

The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/&gt;

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V8.8.6.0 SP1

|

MB04041

|

MH01656

Workarounds and Mitigations

None

Related

ibm 2
prion 1
nessus 22
ubuntucve 1
openvas 14
debiancve 1
f5 2
redhat 1
centos 1
amazon 1
cve 1
archlinux 2
altlinux 1
fedora 2
oraclelinux 2
osv 1
debian 1
mageia 1
photon 2
gentoo 1
ubuntu 2
cloudfoundry 1
suse 2
ibm
ibm
Security Bulletin: A vulnerability in glibc affects PowerKVM
2018-06-18 01:34:56
Security Bulletin: Vulnerability in GNU C Library (glibc) affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-3075)
2019-01-31 02:25:02
prion
prion
Stack overflow
2016-06-01 20:59:00
nessus
nessus
Oracle Linux 7 : glibc (ELSA-2016-3638)
2023-09-07 00:00:00
Oracle Linux 7 : glibc (ELSA-2016-2573)
2016-11-11 00:00:00
CentOS 7 : glibc (CESA-2016:2573)
2016-11-28 00:00:00
ubuntucve
ubuntucve
CVE-2016-3075
2016-03-31 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2016-1073)
2020-01-23 00:00:00
RedHat Update for glibc RHSA-2016:2573-02
2016-11-04 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2018-1344)
2020-01-23 00:00:00
debiancve
debiancve
CVE-2016-3075
2016-06-01 20:59:00
f5
f5
SOL15439022 - glibc vulnerability CVE-2016-3075
2016-05-23 00:00:00
K15439022 : glibc vulnerability CVE-2016-3075
2016-05-23 00:00:00
redhat
redhat
(RHSA-2016:2573) Low: glibc security, bug fix, and enhancement update
2016-11-03 06:07:14
centos
centos
glibc, nscd security update
2016-11-25 15:25:38
amazon
amazon
Low: glibc
2017-02-06 18:00:00
cve
cve
CVE-2016-3075
2016-06-01 20:59:00
archlinux
archlinux
glibc: denial of service
2016-08-08 00:00:00
lib32-glibc: denial of service
2016-08-08 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.23-alt2
2016-05-10 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: glibc-2.23.1-7.fc24
2016-05-14 23:42:24
[SECURITY] Fedora 23 Update: glibc-2.22-15.fc23
2016-05-10 18:01:37
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2016-11-09 00:00:00
glibc security update
2016-11-09 00:00:00
osv
osv
eglibc - security update
2016-05-30 00:00:00
debian
debian
[SECURITY] [DLA 494-1] eglibc security update
2016-05-30 04:24:49
mageia
mageia
Updated glibc packages fix security vulnerabilities
2016-05-24 01:00:58
photon
photon
Important Photon OS Security Update - PHSA-2017-0037
2017-04-24 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0013
2017-04-24 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2017-02-19 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2016-05-25 00:00:00
GNU C Library regression
2016-05-26 00:00:00
cloudfoundry
cloudfoundry
USN-2985-2 GNU C Library regression | Cloud Foundry
2016-06-13 00:00:00
suse
suse
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

81.4%

JSON
Related for 2B72C41D149C40A9B491A3A86D935BD73FFE090411B9686635B1FA6BB4615773
ibm2prion1nessus22ubuntucve1openvas14debiancve1f52redhat1centos1amazon1cve1archlinux2altlinux1fedora2oraclelinux2osv1debian1mageia1photon2gentoo1ubuntu2cloudfoundry1suse2