===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1346
        IBM BladeCenter Advanced Management Module security updates
                               18 April 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM System x Blades
Publisher:         IBM
Operating System:  Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Access Privileged Data          -- Existing Account            
                   Denial of Service               -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-15804 CVE-2017-15670 CVE-2015-5180

Reference:         ESB-2019.1029
                   ESB-2018.3848
                   ESB-2018.2910
                   ESB-2017.0768

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm10880787
   http://www.ibm.com/support/docview.wss?uid=ibm10880781
   http://www.ibm.com/support/docview.wss?uid=ibm10874892

Comment: This bulletin contains three (3) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities
in GNU glibc (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)

Product:             System x Blades
Component:           IBM BladeCenter Advanced Management Module (AMM)
Software version:    All Versions
Operating system(s): Firmware
Reference #:         0880787

Security Bulletin

Summary

IBM Advanced Management Module (AMM) has addressed the following
vulnerabilities in GNU glibc.

Vulnerability Details

CVEID: CVE-2017-15804
DESCRIPTION: GNU C Library (aka glibc or libc6) is vulnerable to a buffer
overflow, caused by improper bounds checking by the glob function in glob.c. By
using a specially-crafted file, a local attacker could overflow a buffer.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/133996 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2017-15670
DESCRIPTION: GNU C Library is vulnerable to a heap-based buffer overflow,
caused by improper bounds checking by the glob function in glob.c. By sending a
specially-crafted string, a remote attacker could overflow a buffer and execute
arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/133915 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2015-5180
DESCRIPTION: glibc is vulnerable to a denial of service, caused by a NULL
pointer dereference in the res_query function in libresolv. By using a
malformed pattern, a remote attacker could cause the process to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/130620 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Product                                                             Affected Version

IBM BladeCenter Advanced Management Module (AMM)                    BPET
IBM BladeCenter T Advanced Management Module (AMM)                  BBET

Remediation/Fixes

Firmware fix versions are available on Fix Central: http://www.ibm.com/support/fixcentral/

Product                                                             Fix Version

IBM BladeCenter Advanced Management Module (AMM)                    bpet68l-3.68l
(ibm_fw_amm_bpet68l-3.68l_anyos_noarch)
IBM BladeCenter T Advanced Management Module (AMM)                  bbet68l-3.68l
(ibm_fw_amm_bbet68l-3.68l_anyos_noarch)

Workarounds and Mitigations

None

Change History

15 April 2019: Initial version published

- --------------------------------------------------------------------------------

IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability
in OpenSSL (CVE-2018-0737)

Product:             System x Blades
Component:           IBM BladeCenter Advanced Management Module (AMM)
Software version:    All Versions
Operating system(s): Firmware
Reference #:         0880781

Security Bulletin

Summary

IBM Advanced Management Module (AMM) has addressed the following vulnerability
in OpenSSL.

Vulnerability Details

CVEID: CVE-2018-0737
DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive
information, caused by a cache-timing side channel in the RSA key generation
algorithm. An attacker able to mount cache-timing attacks while an RSA key is
being generated could exploit this vulnerability to recover the private key and
obtain sensitive information.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/141679 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Product                                                             Affected Version

IBM BladeCenter Advanced Management Module (AMM)                    BPET
IBM BladeCenter T Advanced Management Module (AMM)                  BBET

Remediation/Fixes

Firmware fix versions are available on Fix Central: http://www.ibm.com/support/fixcentral/

Product                                                             Fix Version

IBM BladeCenter Advanced Management Module (AMM)                    bpet68l-3.68l
(ibm_fw_amm_bpet68l-3.68l_anyos_noarch)
IBM BladeCenter T Advanced Management Module (AMM)                  bbet68l-3.68l
(ibm_fw_amm_bbet68l-3.68l_anyos_noarch)

Workarounds and Mitigations

None

Change History

16 April 2019: Initial version published

- --------------------------------------------------------------------------------

IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities
in python (CVE-2018-1061 CVE-2018-1060 CVE-2016-5636)

Product:             System x Blades
Component:           IBM BladeCenter Advanced Management Module (AMM)
Software version:    All Versions
Operating system(s): Firmware
Reference #:         0874892

Security Bulletin

Summary

IBM Advanced Management Module (AMM) has addressed the following
vulnerabilities in python.

Vulnerability Details

CVEID: CVE-2018-1061
DESCRIPTION: Python is vulnerable to a denial of service, caused by
catastrophic backtracking in the difflib.IS_LINE_JUNK method. A remote attacker
could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145115 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-1060
DESCRIPTION: Python is vulnerable to a denial of service, caused by
catastrophic backtracking in the pop3lib's apop() method. A remote attacker
could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145116 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-5636
DESCRIPTION: zipimport module for Python is vulnerable to a heap-based buffer
overflow, caused by improper bounds checking by the get_data() function in
zipimport.c. A remote attacker could overflow a buffer and execute arbitrary
code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114309 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Affected Products and Versions

Product                                                             Affected Version

IBM BladeCenter Advanced Management Module (AMM)                    BPET
IBM BladeCenter T Advanced Management Module (AMM)                  BBET

Remediation/Fixes

Firmware fix versions are available on Fix Central: http://www.ibm.com/support/fixcentral/

Product                                                             Fix Version

IBM BladeCenter Advanced Management Module (AMM)                    bpet68l-3.68l
(ibm_fw_amm_bpet68l-3.68l_anyos_noarch)
IBM BladeCenter T Advanced Management Module (AMM)                  bbet68l-3.68l
(ibm_fw_amm_bbet68l-3.68l_anyos_noarch)

Workarounds and Mitigations

None

Change History

15 April 2019: Initial version published

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================