Flexera InstallAnywhere generates installation executables which are vulnerable to a DLL-planting vulnerability during installs on Windows systems. InstallAnywhere is used by IBM Sterling Secure Proxy.
CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to gain elevated privileges on the system, caused by an untrusted search path. An attacker could exploit this vulnerability using a Trojan horse DLL in the current working directory of a setup-launcher executable file to gain elevated privileges on the system.
CVSS Base Score: 7.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110914 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
IBM Sterling Secure Proxy 3.4.3 GA
IBM Sterling Secure Proxy 3.4.2 through 3.4.2.0 iFix 7
Use install images from the following iFixes to remediate the vulnerability on Windows systems. UNIX systems are not susceptible to this vulnerability.
Product|
VRMF
|
iFix
| Remediation/First Fix
—|—|—|—
IBM Sterling Secure Proxy|
3.4.3.0
|
iFix 1
| Fix Central
IBM Sterling Secure Proxy|
3.4.2.0
|
iFix 8
To install a previous vulnerable version of IBM Sterling Secure Proxy on Microsoft Windows, follow these steps to work around the vulnerability.
1. As an administrator, create a new secure directory. The directory must not have existed before and only the administrator should have write permission to it. The directory must not be a subdirectory of the Downloads directory.
2. Unzip or copy the files from your installation media into this new directory.
3. Ensure there are no DLL files in this directory.
4. Run the .Win_X64.exe***executable(s) from this directory to install the product. Proceed with the installation as normal.
CPE | Name | Operator | Version |
---|---|---|---|
ibm sterling secure proxy | eq | 3.4.3 | |
ibm sterling secure proxy | eq | 3.4.2 |