Basic search

K
ibmIBM362D62C684CC4EC1C14D4239144C432AC6F62E6231DC7416F6DEB9B4ED0F1853
HistoryJun 17, 2018 - 10:33 p.m.

Security Bulletin: Vulnerabilities in OpenSSL affect MobileFirst Quality Assurance

2018-06-1722:33:13
www.ibm.com
19

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

Summary

OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by MobileFirst Quality Assurance. MobileFirst Quality Assurance has addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2016-6302
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2016-6304
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2016-2182
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:CVE-2016-2180
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2016-2177
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2016-2178
**DESCRIPTION:*OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2016-2179
DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2016-6306
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2016-2181
**DESCRIPTION:*OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

MobileFirst Quality Assurance: 6.0.0.0 – 7.0.0.0

Remediation/Fixes

Product

| VRMF|APAR|Remediations/first fix
—|—|—|—
MobileFirst Quality Assurance | 6.0.0.0 - 7.0.0.0|
| fix pack: LINK TO FIX
Operating system updates for MFQA, Version 1.0.0.8

Review the Updating procedure for your version in the IBM Knowledge Center for additional guidance:

Important: Take a snapshot of the VM before applying these updates.

Procedure:

  1. Log in as root.

  2. Start IBM Installation Manager in console mode by entering the following command: ``/opt/IBM/InstallationManager/eclipse/tools/imcl``–c

  3. Select option P. Preferences.

  4. Select option 1. Repositories.

  5. Select option D. Add Repository.

  6. Enter the following repository URL to update Red Hat Enterprise Linux:
    <https://www.ibm.com/software/repositorymanager/service/com.ibm.rational.wqa.redhatUpdate/&gt;
    Note: If you downloaded the update from FixCentral, then enter the directory of the local update package.

  7. Enter your IBMid credentials:
    a. Select option P. Provide credentials and connect.
    b. Enter your user name.
    c. Enter your password.
    d. (Optional) Enter 1 to save your credentials.

8. Select option A. Apply changes and return to Preferences menu.

9. Select option R. Return to Main Menu.

10. From the list of actions, select 2. Update.

11. Select the 1. IBM MobileFirst Platform package group.

12. Select N. Next.

13. Select only Operating system updates for MFQA

14. Select **N. Next.

**
15. Follow the prompts to install the updates.

Rebooting after upgrading is suggested.

Workarounds and Mitigations

None.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

Related for 362D62C684CC4EC1C14D4239144C432AC6F62E6231DC7416F6DEB9B4ED0F1853