History: Feb 23, 2022 - 7:48 p.m.

Security Bulletin: Network Intrusion Prevention System is affected by multiple D-BUS and PHP vulnerabilities (CVE-2014-3638, CVE-2014-3639, CVE-2014-3477, CVE-2014-5459, CVE-2014-3597, CVE-2014-4721)

2022-02-23 19:48:26
www.ibm.com

CVSS2: 6.8 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.028 Low
Percentile: 90.4%

Summary

Security vulnerabilities have been discovered in the D-BUS (CVE-2014-3638, CVE-2014-3639, CVE-2014-3477) and PHP (CVE-2014-5459, CVE-2014-3597, CVE-2014-4721) components of IBM Security Network Intrusion Prevention System.

Vulnerability Details

CVE-ID: CVE-2014-3638

**DESCRIPTION:** D-Bus is vulnerable to a denial of service, caused by an error related to method call replies. By sending the maximum number of parallel method calls, a local attacker could exploit this vulnerability to cause a denial of service.

CVSS Base Score: 2.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/96009 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3639

**DESCRIPTION:** D-Bus is vulnerable to a denial of service, caused by an error related to incomplete connections. By making repeated connection attempts, a local attacker could exploit this vulnerability to cause a denial of service.

CVSS Base Score: 2.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/96010 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-3477

**DESCRIPTION:** D-Bus is vulnerable to a denial of service, caused by an error in the dbus-daemon. By sending an activation message, a local attacker could exploit this vulnerability to cause a memory leak and a denial of service.

CVSS Base Score: 2.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93760 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-5459

**DESCRIPTION:** PHP Pear could allow a local attacker to launch a symlink attack. The PEAR_REST class in REST.php creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to write to arbitrary files on the system with elevated privileges.

CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95480 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)

CVE-ID: CVE-2014-4721

**DESCRIPTION:** PHP could allow a remote attacker to obtain sensitive information, caused by an error in the /ext/standard/info.c file when handling multiple variables. An attacker could exploit this vulnerability to obtain the SSL RSA key and other sensitive information.

CVSS Base Score: 5.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94287 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE-ID: CVE-2014-3597

**DESCRIPTION:** PHP is vulnerable to a heap-based buffer overflow, caused by an incomplete fix related to improper bounds checking when parsing a DNS TXT record. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95405 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
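
For triage, the base scores listed above can be re-derived from their vectors with the CVSS v2 base equations. The following is an added example, not part of the IBM bulletin; the function names (`parse_vector`, `base_score`, `check_bulletin`) are hypothetical, the weights are the CVSS v2 specification constants, and the vectors and scores are copied from this page.

```python
# Added example: CVSS v2 base-score equations checked against this bulletin.
# Metric weights are the constants defined by the CVSS v2 specification.
CIA = {"N": 0.0, "P": 0.275, "C": 0.660}
WEIGHTS = {
    "AV": {"L": 0.395, "A": 0.646, "N": 1.0},
    "AC": {"H": 0.35, "M": 0.61, "L": 0.71},
    "Au": {"M": 0.45, "S": 0.56, "N": 0.704},
    "C": CIA, "I": CIA, "A": CIA,
}

# (CVE, vector, base score) exactly as printed in the bulletin.
BULLETIN = [
    ("CVE-2014-3638", "(AV:L/AC:L/Au:N/C:N/I:N/A:P)", 2.1),
    ("CVE-2014-3639", "(AV:L/AC:L/Au:N/C:N/I:N/A:P)", 2.1),
    ("CVE-2014-3477", "(AV:L/AC:L/Au:N/C:N/I:N/A:P)", 2.1),
    ("CVE-2014-5459", "(AV:L/AC:M/Au:N/C:N/I:P/A:P)", 3.3),
    ("CVE-2014-4721", "(AV:N/AC:L/Au:N/C:P/I:N/A:N)", 5.0),
    ("CVE-2014-3597", "(AV:N/AC:L/Au:N/C:P/I:P/A:P)", 7.5),
]

def parse_vector(vector):
    """Map 'AV:L/AC:L/...' (optionally parenthesised) to metric weights."""
    try:
        parts = dict(p.split(":", 1) for p in vector.strip("() ").split("/"))
        if set(parts) != set(WEIGHTS):
            raise KeyError("metric set")
        return {m: WEIGHTS[m][v] for m, v in parts.items()}
    except (KeyError, ValueError) as exc:
        raise ValueError(f"not a CVSS v2 base vector: {vector!r}") from exc

def base_score(vector):
    """CVSS v2 base score, rounded to one decimal place."""
    w = parse_vector(vector)
    impact = 10.41 * (1 - (1 - w["C"]) * (1 - w["I"]) * (1 - w["A"]))
    if impact == 0:
        return 0.0  # f(Impact) is 0 when there is no impact
    exploitability = 20 * w["AV"] * w["AC"] * w["Au"]
    return round((0.6 * impact + 0.4 * exploitability - 1.5) * 1.176, 1)

def check_bulletin(entries=BULLETIN):
    """Return (cve, published, computed) rows, highest computed score first."""
    rows = [(cve, pub, base_score(vec)) for cve, vec, pub in entries]
    return sorted(rows, key=lambda r: r[2], reverse=True)

if __name__ == "__main__":
    for cve, published, computed in check_bulletin():
        status = "ok" if published == computed else "MISMATCH"
        print(f"{cve}  published={published}  computed={computed}  {status}")
```

Sorted by computed score, CVE-2014-3597 (7.5) ranks first, above the 6.8 that this page shows for the bulletin as a whole.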

Affected Products and Versions

**Products:** GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000
Firmware versions: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3

Remediation/Fixes

The following IBM Threat Fixpacks have the fixes for these vulnerabilities:

Workarounds and Mitigations

None
