SB2016050811 - Multiple vulnerabilities in IBM Integrated Management Module (IMM) 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016050811

SB2016050811 - Multiple vulnerabilities in IBM Integrated Management Module (IMM)

Published: May 8, 2016 Updated: October 25, 2023

Security Bulletin ID SB2016050811
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 20% Medium 60% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Double free error (CVE-ID: CVE-2016-0705)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to double-free error when parsing DSA private keys. A remote attacker can trigger memory corruption and cause the service to crash.

2) Input validation error (CVE-ID: CVE-2016-0797)

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c.


3) Memory leak (CVE-ID: CVE-2016-0798)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the SRP_VBASE_get_by_user implementation in OpenSSL. A remote attacker can perform a denial of service attack (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c


4) Buffer overflow (CVE-ID: CVE-2016-0799)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to fmtstr function in crypto/bio/b_print.c in OpenSSL improperly calculates string lengths. A remote attacker can cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string.


5) Information disclosure (CVE-ID: CVE-2016-0800)

The vulnerability allows a remote attacker to decrypt sensitive information.

The vulnerability exists due to usage of weak SSLv2 protocol, which requires to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data. A remote attacker can decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle.

The vulnerability is dubbed "DROWN" attack.

Remediation

Install update from vendor's website.

References