IBMC4D6C2CE9705DBFB377D43A3AA1F8ED0F247ABA8F0CE52D13EADCCA533660F03Security Bulletin: Vulnerabilities in cURL component shipped with IBM Rational ClearCase (CVE-2017-1000100, CVE-2017-1000254, CVE-2017-1000257)
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
Summary
IBM Rational ClearCase is affected by cURL/libcURL vulnerabilities.
Vulnerability Details
CVEID: CVE-2017-1000100**
DESCRIPTION:** cURL could allow a remote attacker to obtain sensitive information, caused by a TFTP URL processing error when doing a TFTP transfer. By redirecting a libcurl-using client request to a TFTP URL containing an overly long file name, an attacker could exploit this vulnerability to send private memory contents and obtain sensitive information.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/130190 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2017-1000254 DESCRIPTION: libcurl is vulnerable to a denial of service, caused by a buffer overread in the string parser. By sending a specially-crafted response to a PWD command, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/133027 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-1000257**
DESCRIPTION:** cURL is vulnerable to a denial of service, caused by a buffer overread in the IMAP handler. By using a specially crafted IMAP FETCH response, a remote attacker could exploit this vulnerability to cause the application to crash or obtain sensitive information.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/134033 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
Affected Products and Versions
The cURL component is used in the CMI integration, the OSLC-based ClearQuest integration, and in the automatic view client.
ClearCase client version
|
Status
—|—
9.0.1 through 9.0.1.1
|
Affected
9.0 through 9.0.0.5
|
Affected
8.0.1 through 8.0.1.15
|
Affected
8.0 through 8.0.0.21
|
Affected
Remediation/Fixes
The solution is to upgrade to a fix pack of ClearCase that disables the vulnerable configuration in the cURL component.
Affected Versions
|
** Applying the fix**
—|—
9.0.1 through 9.0.1.1
| Install Rational ClearCase Fix Pack 2 (9.0.1.2) for 9.0.1
9.0 through 9.0.0.5
| Install Rational ClearCase Fix Pack 6 (9.0.0.6) for 9.0
8.0.1 through 8.0.1.15
8.0 through 8.0.0.21
| Install Rational ClearCase Fix Pack 16 (8.0.1.16) for 8.0.1
For 7.0, 7.1, and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None
Related
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P