IBM3DCABB9EB85B93AD82C8E990F2404897E1E7C51A9CC17BC1229347E080169D9DSecurity Bulletin: Vulnerabilities in Open Secure Shell for GPFS V3.5 on Windows (CVE-2014-2653, CVE-2014-2532)
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
77.6%
Summary
Security vulnerabilities have been identified in the level of OpenSSH that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSH could allow a remote attacker to bypass security restrictions caused by:
- (CVE-2014-2653) an error in the SSH client when handling a HostCertificate.
- (CVE-2014-2532) the inclusion of wildcard characters in the AcceptEnv lines of the sshd_config configuration file within the sshd program.
Vulnerability Details
CVE-2014-2653
DESCRIPTION: OpenSSH could allow a remote attacker to bypass security restrictions, caused by an error in the SSH client when handling a HostCertificate. By persuading a victim to visit a specially-crafted Web site containing a malicious certificate, an attacker could exploit this vulnerability using a malicious server to disable SSHFP-checking.
CVSS Base Score: 4.3
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/92116> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVE-2014-2532
DESCRIPTION: OpenSSH could allow a remote attacker to bypass security restrictions, caused by the inclusion of wildcard characters in the AcceptEnv lines of the sshd_config configuration file within the sshd program. By using a substring before a wildcard character, an attacker could exploit this vulnerability to bypass intended environment restrictions.
CVSS Base Score: 5
CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/91986> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Affected Products and Versions
GPFS V3.5.0.11 or later levels of V3.5 on Windows.
Remediation/Fixes
In GPFS V3.5.0.20 dated October 2014, IBM patched the OpenSSH-6.6p1 shipped to address this vulnerability. System administrators should update their systems to GPFS V3.5.0.20 by following the steps below.
1. Download the GPFS 3.5.0.20 update package dated October 2014 into any directory on your system. From IBM at http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%2Bsoftware&product=ibm/power/IBM+General+Parallel+File+System&release=3.5.0&platform=Windows&function=all
2. Extract the contents of the ZIP archive so that the .msi file it includes is directly accessible to your system.
3. Follow the instructions in the README included in the update package in order to install the OpenSSH msi package.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| general parallel file system | eq | 3.5.0 |
Related
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
77.6%