Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2013.0309
Security Bulletin: IBM Security Network Intrusion Prevention System can be
affected by vulnerabilities in OpenSSL (CVE-2011-4576,
CVE-2011-4619, CVE-2012-2131 and CVE-2012-1165)
1 March 2013
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Security Network Intrusion Prevention System
Publisher: IBM
Operating System: Network Appliance
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Access Privileged Data -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2012-2131 CVE-2012-2110 CVE-2012-1165
CVE-2011-4619 CVE-2011-4576 CVE-2006-7250
Reference: ESB-2013.0300
ESB-2012.0732
ESB-2012.0506
ESB-2012.0431
ESB-2012.0408
ESB-2012.0407
ESB-2012.0389
ESB-2012.0388
ESB-2012.0318
ESB-2012.0305
ESB-2012.0113
ESB-2012.0087
ESB-2012.0082
ESB-2012.0062
ESB-2012.0027
Original Bulletin:
http://www-01.ibm.com/support/docview.wss?uid=swg21626257
- --------------------------BEGIN INCLUDED TEXT--------------------
Security Bulletin: IBM Security Network Intrusion Prevention System can be
affected by vulnerabilities in OpenSSL (CVE-2011-4576, CVE-2011-4619,
CVE-2012-2131 and CVE-2012-1165)
Document information
Proventia Network Intrusion Prevention System
Software version:
1.7, 1.8, 2.4, 2.5, 3.2, 3.3, 4.1, 4.2, 4.3, 4.4, 4.5
Operating system(s):
Firmware
Reference #:
1626257
Modified date:
2013-02-21
Abstract
IBM Security Network Intrusion Prevention System can be affected by several
vulnerabilities in OpenSSL. These vulnerabilities include obtaining sensitive
information, denial of service and code execution vulnerabilities that could be
exploited remotely by an attacker.
Content
VULNERABILITY DETAILS
The following information was provided by OpenSSL. In the case of IBM Security
Network Intrusion Prevention System the Local Management Interface, SSH and
the security management network ports are affected by the vulnerabilities
with the exception of CVE-2012-2131 which only affects the Local Management
Interface. Further, for each vulnerability identified below, no authentication
is required, the vulnerability is remotely exploitable, and no specialized
knowledge is required.
CVE-ID: CVE-2011-4576
DESCRIPTION:
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does
not properly initialize data structures for block cipher padding, which might
allow remote attackers to obtain sensitive information by decrypting the
padding data sent by an SSL peer.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/72130 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE-ID: CVE-2011-4619
DESCRIPTION:
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and
1.x before 1.0.0f does not properly handle handshake restarts, which allows
remote attackers to cause a denial of service (CPU consumption) via
unspecified vectors.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/72132 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE ID: CVE-2012-2131
DESCRIPTION:
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v
allow remote attackers to conduct buffer overflow attacks, and cause a denial
of service (memory corruption) or possibly have unspecified other impact,
via crafted DER data, as demonstrated by an X.509 certificate or an RSA public
key. NOTE: this vulnerability exists because of an incomplete fix
for CVE-2012-2110.
CVSS Base Score: 7.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/75099 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE ID: CVE-2012-1165
DESCRIPTION:
The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u
and 1.x before 1.0.0h allows remote attackers to cause a denial of service
(NULL pointer dereference and application crash) via a crafted S/MIME message,
a different vulnerability than CVE-2006-7250.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74100 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
AFFECTED PRODUCTS AND VERSIONS:
Products: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108,
GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800,
GV200, GV1000
Firmware versions: 1.x, 2.x, 3.x, 4.1, 4.2, 4.3, 4.4, 4.5
REMEDIATION:
The following IBM Threat Fixpacks have the fixes for these vulnerabilities.
* 4.4.0.0-ISS-ProvG-AllModels-System-FP0001 for all IBM Security Network
Intrusion Prevention System products at Firmware version 4.4
* 4.5.0.0-ISS-ProvG-AllModels-System-FP0001 for all IBM Security Network
Intrusion Prevention System products at Firmware version 4.5
IBM Security Network Intrusion Prevention System users on Firmware 1.x, 2.x,
3.x, 4.1, 4.2 and 4.3 should upgrade to Firmware 4.4, with fixpack
4.4.0.0-ISS-ProvG-AllModels-System-FP0001, or Firmware 4.5, with fixpack
4.5.0.0-ISS-ProvG-AllModels-System-FP0001, or later.
Contact IBM Security Systems Support (http://www-947.ibm.com/support/entry/portal/overview)
to upgrade to the above required Fixpacks.
Workaround(s):
None
Mitigation(s):
None
REFERENCES:
* Complete CVSS Guide
* On-line Calculator V2
* CVE-2012-2131
* CVE-2011-4576:
* CVE-2011-4619:
* CVE-2012-1165
RELATED INFORMATION:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
ACKNOWLEDGEMENT
None
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the
impact of this vulnerability in their environments by accessing the links
in the Reference section of this Flash.
Note: According to the Forum of Incident Response and Security Teams (FIRST),
the Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUTBJzu4yVqjM2NGpAQJUTQ/+OydtlfLEXir7HxzvQRaOoI3oV6jf1o73
M+t4lhcqI6UmoglMA/M6UatBndWX3PRVifmXVEgaYi+AjCeAUeefBbF2b9r3tLiq
CIdpaEDqXGvWZwm8n1ucCAwMbqIN0FBHk1i93zuaI+5e/5SK2GTgTJwurZqtqYkQ
SXIKGWK8Ek24STQXPh79/xuWdqOaceaX0FE0oxW6KP+QFpn8kLeqOMX4UWIZtpe4
lXYszcOIUKYbJTTDGag2o54vWY/Ro2i+3g47ePO85mnsh9YxYwhy/ud9jITaY5Mv
7tugE1RD5yB5ZBfq+MbtFLVgUEw1mBHEp/24bt7ziPDf/FswiF67+t0c5GVPLBkm
EbI+/Ic/xXIEtVjA3gGudaRf6ziStBTHdc4z8aCqmoNvxFN7/4iS/AnMeVbcrkrA
t6FpJXEGAzRCR+PMrXnO7IuXKsgfIPVbIvpS1RsGNwWQKg7erV+S2WJ4LKq3DM4Z
CBIqlglZhPbTqqfmOphpRBMwdRYY36O80PuX+vRs/1xrKTEgr/F2Ght/A8x/g7To
zY6KZjUxx45jTv0+/6fS6wL+SWwWmSKO5xAVG1/ttNe80HsXy3qN/rhdDyZ14dtv
EvYskWpxKHeF+OuHxYTf/ABz5QWkvZOEF6TuRXOPvvgBTUGxfX9kM5mSSvfcPQzX
AZv6z/Chvds=
=/YY0
-----END PGP SIGNATURE-----