===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.3850
     IBM Security Guardium Big Data Intelligence updates Bouncy Castle
                              16 October 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Guardium Big Data Intelligence
Publisher:         IBM
Operating System:  Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1000613 CVE-2018-5382 CVE-2017-13098
                   CVE-2016-1000352 CVE-2016-1000346 CVE-2016-1000345
                   CVE-2016-1000344 CVE-2016-1000343 CVE-2016-1000342
                   CVE-2016-1000341 CVE-2016-1000339 CVE-2016-1000338
                   CVE-2013-1624

Reference:         ESB-2018.2675.2
                   ESB-2014.0439

Original Bulletin: 
   https://www.ibm.com/support/pages/node/960296

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM Security Guardium Big Data Intelligence is affected by a "Using Components
with Known Vulnerabilities" vulnerability

Security Bulletin

Summary

IBM Security Guardium is aware of the following vulnerabilities

Vulnerability Details

CVEID: CVE-2016-1000342
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by improper validation of ASN.1 encoding of signature in the
ECDSA. A remote attacker could exploit this vulnerability to launch further
attacks.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151811 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-1000341
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by a flaw in the DSA signature generation. A remote attacker
could exploit this vulnerability to launch timing attacks.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151812 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-1000339
DESCRIPTION: Bouncy Castle JCE Provider could allow a remote attacker to obtain
sensitive information, caused by a flaw in the AESEngine. An attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151814 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-1000338
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by improper validation of ASN.1 encoding of signature in the
DSA. A remote attacker could exploit this vulnerability to launch further
attacks.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151815 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
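Added example, not text from IBM's bulletin and not Bouncy Castle code, illustrating the defect class behind CVE-2016-1000342 and CVE-2016-1000338 above: a strict DER parser for the SEQUENCE { INTEGER r, INTEGER s } form of DSA/ECDSA signatures that rejects the non-canonical encodings (non-minimal lengths, redundant leading zero bytes, trailing bytes) a lenient parser would accept. Function names and sample bytes are constructed for this example.

```python
def _read_length(buf, pos):
    """Return (length, next_pos); reject indefinite and non-minimal forms."""
    if pos >= len(buf):
        raise ValueError("truncated")
    first, pos = buf[pos], pos + 1
    if first < 0x80:                        # short form
        return first, pos
    nbytes = first & 0x7F
    if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
        raise ValueError("indefinite, oversized or truncated length")
    length = int.from_bytes(buf[pos:pos + nbytes], "big")
    if length < 0x80 or buf[pos] == 0:      # DER requires the shortest form
        raise ValueError("non-minimal length")
    return length, pos + nbytes

def _read_integer(buf, pos):
    """Parse one positive, minimally encoded DER INTEGER."""
    if pos >= len(buf) or buf[pos] != 0x02:
        raise ValueError("expected INTEGER")
    length, pos = _read_length(buf, pos + 1)
    body = buf[pos:pos + length]
    if length == 0 or len(body) != length or body[0] & 0x80:
        raise ValueError("empty, truncated or negative INTEGER")
    if length > 1 and body[0] == 0 and not body[1] & 0x80:
        raise ValueError("redundant leading zero byte")
    return int.from_bytes(body, "big"), pos + length

def parse_der_signature(sig):
    """Return (r, s) for the one canonical DER encoding; raise otherwise."""
    if len(sig) < 2 or sig[0] != 0x30:
        raise ValueError("expected SEQUENCE")
    seq_len, pos = _read_length(sig, 1)
    if pos + seq_len != len(sig):           # no bytes after the SEQUENCE
        raise ValueError("SEQUENCE length mismatch")
    r, pos = _read_integer(sig, pos)
    s, pos = _read_integer(sig, pos)
    if pos != len(sig) or r == 0 or s == 0:
        raise ValueError("trailing data inside SEQUENCE or zero r/s")
    return r, s

def is_canonical(sig):
    """True only when the strict parser accepts sig."""
    try:
        return parse_der_signature(sig) is not None
    except ValueError:
        return False

# Constructed samples: r = 0x7F, s = 0x81 (0x81 needs a 0x00 pad to stay positive)
GOOD = bytes.fromhex("3007" "02017f" "02020081")
BAD_LEADING_ZERO = bytes.fromhex("3008" "0202007f" "02020081")  # r padded needlessly
```

A verifier that only accepts the canonical encoding gives each (r, s) pair exactly one byte representation, which is the property a lenient parser loses.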

CVEID: CVE-2013-1624
DESCRIPTION: Bouncy Castle could allow a remote attacker to obtain sensitive
information, caused by the exposure of timing differences during padding check
verification by the CBC ciphersuite of the Transport Layer Security (TLS)
implementation. An attacker could exploit this vulnerability using a timing
attack to recover the original plaintext and obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/81910 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2016-1000344
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by a flaw in the DHIES implementation. A remote attacker could
exploit this vulnerability to launch further attacks on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151809 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-1000343
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by a flaw in the DSA key pair generator. A remote attacker
could exploit this vulnerability to launch further attacks.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151810 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2018-5382
DESCRIPTION: Bouncy Castle could allow a local attacker to obtain sensitive
information, caused by an error in the BKS version 1 keystore files. By
utilizing an HMAC that is only 16 bits long for the MAC key size, an attacker
could exploit this vulnerability using brute-force techniques to crack a BKS-V1
keystore file in seconds and gain access to the keystore contents.
CVSS Base Score: 4.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/140465 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2018-1000613
DESCRIPTION: Legion of the Bouncy Castle Java Cryptography APIs could allow a
remote attacker to execute arbitrary code on the system, caused by an unsafe
reflection flaw in XMSS/XMSS^MT private key deserialization. By using a
specially crafted private key, an attacker could exploit this vulnerability to
execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148041 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-1000352
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by a flaw in the ECIES implementation. A remote attacker could
exploit this vulnerability to launch further attacks on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151806 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-1000346
DESCRIPTION: Bouncy Castle JCE Provider could allow a remote attacker to obtain
sensitive information, caused by a flaw in handling the other party's DH public
key. A remote attacker could exploit this vulnerability to reveal details via
invalid keys.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151807 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-1000345
DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected
security, caused by timing differences that are easily observed in some
environments. A remote attacker could exploit this vulnerability to conduct a
padding oracle attack.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151808 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13098
DESCRIPTION: Bouncy Castle could allow a remote attacker to obtain sensitive
information, caused by an RSA Adaptive Chosen Ciphertext (Bleichenbacher)
attack. By utilizing discrepancies in TLS error messages, an attacker could
exploit this vulnerability to obtain the data in the encrypted messages once
the TLS session has completed. Note: This vulnerability is also known as the
ROBOT attack.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/136241 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

+--------------------------------------------+-----------------+
|       Affected IBM Security Guardium       |Affected Versions|
+--------------------------------------------+-----------------+
|IBM Security Guardium Big Data Intelligence |1.0              |
+--------------------------------------------+-----------------+

Remediation/Fixes

+---------------------+---------------+----------------------------------------------------------------------+
|       Product       |     VRMF      |                       Remediation / First Fix                        |
+---------------------+---------------+----------------------------------------------------------------------+
|IBM Security Guardium|1.0            |https://gbdi-packages.jsonar.com/                                     |
|Big Data Intelligence|               |rhel7.x_IBM_Guardium_big_data_security_installer_4.1.x_20191011.tar.gz|
+---------------------+---------------+----------------------------------------------------------------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================