ESB-2017.2080 - [Linux] IBM Security Guardium: Multiple vulnerabilities 2017-08-18

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2080
 Security Bulletin: IBM Security Guardium is affected by Using Components
                with Known vulnerabilities (multiple CVEs)
                              18 August 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Security Guardium
Publisher:         IBM
Operating System:  Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Access Privileged Data          -- Remote/Unauthenticated      
                   Increased Privileges            -- Existing Account            
                   Denial of Service               -- Remote/Unauthenticated      
                   Cross-site Scripting            -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
                   Reduced Security                -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-9311 CVE-2016-9310 CVE-2016-9147
                   CVE-2016-8635 CVE-2016-7545 CVE-2016-7433
                   CVE-2016-7429 CVE-2016-7426 CVE-2016-7117
                   CVE-2016-7076 CVE-2016-7032 CVE-2016-6313
                   CVE-2016-6306 CVE-2016-6304 CVE-2016-6302
                   CVE-2016-5699 CVE-2016-5424 CVE-2016-5408
                   CVE-2016-5285 CVE-2016-2834 CVE-2016-2182
                   CVE-2016-2181 CVE-2016-2180 CVE-2016-2179
                   CVE-2016-2178 CVE-2016-1248 CVE-2016-0787
                   CVE-2016-0772 CVE-2016-0718 CVE-2015-7940
                   CVE-2015-2575 CVE-2015-0254 CVE-2014-9653
                   CVE-2014-9620 CVE-2014-8117 CVE-2014-8116
                   CVE-2014-3710 CVE-2014-3587 CVE-2014-3584
                   CVE-2014-3538  

Reference:         ASB-2017.0120
                   ASB-2017.0115
                   ESB-2014.1551.2
                   ESB-2014.1431

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=swg22007413

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: IBM Security Guardium is affected by Using Components
with Known vulnerabilities (multiple CVEs)

Document information

More support for: IBM Security Guardium

Software version: 10.0, 10.0.1, 10.1, 10.1.2

Operating system(s): Linux

Reference #: 2007413

Modified date: 17 August 2017

Security Bulletin

Summary

IBM Security Guardium is affected by Using Components with Known
vulnerabilities. IBM Security Guardium has fixed these vulnerabilities

Vulnerability Details

CVEID: CVE-2014-3584
DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by
the processing of SAML tokens received in the authorization header of a
request by the Apache CXF JAX-RS service. By passing malicious values using
the SamlHeaderInHandler, an attacker could exploit this vulnerability to
cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/97753 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-3538
DESCRIPTION: Fine Free file is vulnerable to a denial of service, caused
by the failure to properly restrict the amount of data read during a
regex search. A remote attacker could exploit this vulnerability using a
specially-crafted file to consume all available CPU resources.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/94324 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2016-9311
DESCRIPTION: NTP is vulnerable to a denial of service, caused by a NULL
pointer dereference when trap service has been enabled. By sending specially
crafted packets, a remote attacker could exploit this vulnerability to
cause the application to crash.
CVSS Base Score: 4.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119086 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-9310
DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error
in the control mode (mode 6) functionality. By sending specially crafted
control mode packets, a remote attacker could exploit this vulnerability
to obtain sensitive information and cause the application to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119087 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)

CVEID: CVE-2016-9147
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by the
improper handling of responses containing DNSSEC-related RRsets that are
inconsistent with other RRsets in the same query response. By sending a
malformed response, a remote attacker could exploit this vulnerability to
trigger an assertion failure.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/120473 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-8635
DESCRIPTION: Mozilla Network Security Services (NSS), as used in Mozilla
Firefox, could allow a remote attacker to obtain sensitive information,
caused by a small subgroup confinement attack in Diffie Hellman Client
key exchange handling. By confining the client DH key to small subgroup
of the desired group, a remote attacker could exploit this vulnerability
to recover private keys.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119190 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-7545
DESCRIPTION: Policycoreutils could allow a remote attacker to execute
arbitrary commands on the system, caused by a TIOCSTI ioctl attack in the
provided sandbox tool. By persuading a victim to run a specially-crafted
program, an attacker could exploit this vulnerability to execute arbitrary
commands on the system.
CVSS Base Score: 7.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119020 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)

CVEID: CVE-2016-7433
DESCRIPTION: NTP is vulnerable to a denial of service, caused by the
inclusion of the root delay allowing for an incorrect root distance
calculation. An attacker could exploit this vulnerability to cause a denial
of service.
CVSS Base Score: 1.6
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119095 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-7429
DESCRIPTION: NTP is vulnerable to a denial of service, caused by an attack
on interface selection. By sending specially crafted packets with spoofed
source address, a physical attacker could exploit this vulnerability to
cause a denial of service.
CVSS Base Score: 1.6
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119093 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-7426
DESCRIPTION: NTP is vulnerable to a denial of service, caused by the
improper handling of invalid server responses. By sending specially crafted
packets with spoofed source address, a remote attacker could exploit this
vulnerability to a denial of service.
CVSS Base Score: 1.6
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119094 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-7117
DESCRIPTION: Linux Kernel could allow a remote attacker to execute arbitrary
code on the system, caused by a use-after-free in __sys_recvmmsg function
in net/socket.c. An attacker could exploit this vulnerability to execute
arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/117765 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-7076
DESCRIPTION: Sudo could allow a local authenticated attacker to execute
arbitrary commands on the system, caused by the bypass of the sudo noexec
restriction. By running an application via sudo executed wordexp() C
library function with a user supplied argument, an attacker could exploit
this vulnerability to execute arbitrary commands with elevated privileges.
CVSS Base Score: 6.7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119502 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-7032
DESCRIPTION: Sudo could allow a local authenticated attacker to execute
arbitrary commands on the system, caused by the bypass of the sudo noexec
restriction. By running an application via sudo executed system() or popen()
C library functions with a user supplied argument, an attacker could exploit
this vulnerability to execute arbitrary commands with elevated privileges.
CVSS Base Score: 6.7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119500 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-6313
DESCRIPTION: GnuPG could provide weaker than expected security, caused by
an error in the mixing functions when obtaining 4640 bits from the random
number generator. A local attacker could exploit this vulnerability to
predict the next 160 bits of output.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116169 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-6306
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by missing
message length checks when parsing certificates. A remote authenticated
attacker could exploit this vulnerability to trigger an out-of-bounds read
and cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/117112 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-6304
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by multiple
memory leaks in t1_lib.c during session renegotiation. By sending an overly
large OCSP Status Request extension, a remote attacker could exploit this
vulnerability to consume all available memory resources.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/117110 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-6302
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the
failure to consider the HMAC size during validation of the ticket length
by the tls_decrypt_ticket function A remote attacker could exploit this
vulnerability using a ticket that is too short to cause a denial of service.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/117024 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-5699
DESCRIPTION: urllib2 and urllib for Python are vulnerable to HTTP header
injection, caused by improper validation of input. By persuading a victim
to visit a specially-crafted Web page, a remote attacker could exploit
this vulnerability to inject arbitrary HTTP headers, which will allow
the attacker to conduct various attacks against the vulnerable system,
including cross-site scripting, cache poisoning or session hijacking.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/114200 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-5424
DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to
gain elevated privileges on the system, caused by the improper handling
of database and role names containing newlines, carriage returns, double
quotes, or backslashes. By running certain maintenance programs, an attacker
could grant the user superuser privileges.
CVSS Base Score: 8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116075 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-5408
DESCRIPTION: SQUID is vulnerable to a stack-based buffer overflow, caused
by improper bounds checking by the munge_other_line function in the
cachemgr.cgi. By sending specially crafted data, a remote attacker could
overflow a buffer and execute arbitrary code on the system or cause the
application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116203 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-5285
DESCRIPTION: Mozilla Network Security Services (NSS), as used in Mozilla
Firefox, is vulnerable to a denial of service, caused by a NULL pointer
dereference in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime when
handling invalid Diffie-Hellman keys. A remote attacker could exploit this
vulnerability to crash a TLS/SSL server.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119189 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-2834
DESCRIPTION: Mozilla Network Security Services (NSS), as used in Mozilla
Firefox, could allow a remote attacker to execute arbitrary code on
the system, caused by memory safety bugs within the browser engine. By
persuading a victim to visit a specially-crafted Web site, a remote attacker
could exploit this vulnerability using unknown attack vectors to execute
arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 8.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/113870 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-2182
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused
by an out-of-bounds write in the TS_OBJ_print_bio function in
crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability
using a specially crafted value to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116342 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-2181
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an
error in the DTLS replay protection implementation. By sending a specially
crafted sequence number, a remote attacker could exploit this vulnerability
to cause valid packets to be dropped.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116344 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-2180
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an
out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker
could exploit this vulnerability using a specially crafted time-stamp file
to cause the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/115829 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-2179
DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending
specially crafted DTLS record fragments to fill up buffer queues, a
remote attacker could exploit this vulnerability to open a large number
of simultaneous connections and consume all available memory resources.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116343 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-2178
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive
information, caused by an error in the DSA implementation that allows
the following of a non-constant time codepath for certain operations. An
attacker could exploit this vulnerability using a cache-timing attack to
recover the private DSA key.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/113889 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-1248
DESCRIPTION: Vim could allow a local attacker to execute arbitrary code
on the system, caused by the improper validation of the ''filetype'',
''syntax'' and ''keymap'' options. By using a specially-crafted filee
with a malicious modeline, an attacker could exploit this vulnerability
to execute arbitrary code on the system.
CVSS Base Score: 5.9
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119191 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-0787
DESCRIPTION: libssh2 could provide weaker than expected security, caused by a
type confusion error during the SSHv2 handshake resulting in the generation
of a reduced amount of random bits for Diffie-Hellman. An attacker could
exploit this vulnerability using the truncated Diffie-Hellman secret to
launch further attacks on the system.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/111562 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-0772
DESCRIPTION: Python''s smtplib library is vulnerable to a stripping
attack. An exception isn''t returned by the Python''s smtplib library if
StartTLS fails to establish correctly in the SMTP.starttls() function. An
attacker with man-in-the-middle ability could exploit this vulnerability to
strip out the STARTTLS command without generating an exception on the python
SMTP client application and prevent the establishment of the TLS layer.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/114287 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-0718
DESCRIPTION: Expat is vulnerable to a buffer overflow, caused by improper
bounds checking when processing malformed XML data. By using the Expat
library, a remote attacker could overflow a buffer and execute arbitrary
code on the system with the privileges of the victim or cause the application
to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/113408 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2015-7940
DESCRIPTION: Bouncy Castle could allow a remote attacker to obtain sensitive
information. An attacker could exploit this vulnerability using an invalid
curve attack to extract private keys used in elliptic curve cryptography
and obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/107739 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2015-2575
DESCRIPTION: An unspecified vulnerability in Oracle MySQL Connectors
related to the Connector/J component has partial confidentiality impact,
partial integrity impact, and no availability impact.
CVSS Base Score: 4.9
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/102348 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:N)

CVEID: CVE-2015-0254
DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to execute
arbitrary code on the system, caused by an XML External Entity Injection
(XXE) error when processing XML data. By sending specially-crafted XML
data, an attacker could exploit this vulnerability to execute arbitrary
code on the system.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/101550 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID: CVE-2014-9653
DESCRIPTION: file could allow a remote attacker to execute arbitrary code
on the system, caused by an out-of-bounds read in readelf.c. By persuading
a victim to open a specially-crafted elf file, an attacker could exploit
this vulnerability to execute arbitrary code on the system or cause a
denial of service.
CVSS Base Score: 6.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/100749 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVEID: CVE-2014-9620
DESCRIPTION: File is vulnerable to a denial of service, caused by an error
in the ELF parser. A remote attacker could exploit this vulnerability
using an overly long string to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/100258 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-8117
DESCRIPTION: file(1) is vulnerable to a denial of service, caused by
an error in the softmagic.c file. A remote attacker could exploit this
vulnerability to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/99419 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-8116
DESCRIPTION: file(1) is vulnerable to a denial of service, caused by
an error in the readelf.c file. A remote attacker could exploit this
vulnerability to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/99418 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-3710
DESCRIPTION: PHP is vulnerable to a denial of service, caused by an
out-of-bounds read in the donote() function. By persuading a victim to
open a specially-crafted elf file, a remote attacker could exploit this
vulnerability to cause the executable to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/98385 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-3587
DESCRIPTION: PHP is vulnerable to a denial of service, caused by an
incomplete fix related to the cdf_read_property_info() function. A remote
attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/95408 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

IBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2

Remediation/Fixes

Product			VRMF	Remediation/First Fix
IBM Security Guardium	10x	https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p230_GPU_Jun-2017-V10.1.3&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

References

Complete CVSS v3 Guide
On-line Calculator v3

Related information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

08/17/2017: Original publish date

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWZZpd4x+lLeg9Ub1AQgWqA/7BURvtj8BhgAkLBasov9oL32zQC5cfwDq
uE0zpT0Wc9EbUt84AtBL6x3lnLGMLZLhZLb/3YXdF7+HuIFnvQNlS6RxAQMHSgXv
fuZIVekFytdIk4p0edWzgG+PoqOn/kng/pV6qQn2gP9ZjdlrbQUVCYRMpSARpS7J
LmLF82hUUG3u7TyNQJ0AHUnTY3MycQ70Ua44CemyF9eTuTRGOg4yJBAvEzVVZxOu
fiafvPhEIQHVj6MPVP7uaAhB+R1j2FT4G2mMXHmmdYwRJGYcvwozbTihQCCRADDN
3C//BQ5qe3JpN6mi1M86E/ryPt950XIpOz2mg4OCimoUdRv9zGADVVvWZkVgeN/5
TaVo29xHypFAzCwiwYqhyq3x2rqCyJMqd+Px7s7VGzfqlAUmIi7mVBfw+djSEZwX
S6mMB7DXV6ovsRC4xahSxiwQWh3dxH0GCiqkZrzlFaHXjChzxmMfB49+wwULfTL+
tkdadXe8tTS6vlkNUfqrwFJ9xgGuQTfMQAgMqp8/0DJq3/KviQF2ScR4RiUG5TMW
sYMpjCHasHNkXc1vYiMNUVD+uDYgurGITjXSziA64W/JFGYjJUuyc4Pk44wxxkIj
w/4LgTttaZrOomfBpyTNgpzvNMUk9OzqtBh/knZCHPtNt3G0/T+dSDgAYDKRgrRL
3+JSmZXMyS0=
=o76u
-----END PGP SIGNATURE-----

« Back to bulletins