Multiple vulnerabilities in IBM Virtualization Engine TS7700
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2016-7427 CVE-2016-7428 CVE-2016-9310 CVE-2016-9311 |
| CWE-ID | CWE-400 CWE-284 CWE-476 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Virtualization Engine TS7700 3957-VEC Hardware solutions / Firmware Virtualization Engine TS7700 3957-VEB Other software / Other software solutions Virtualization Engine TS7700 3957-V07 Other software / Other software solutions Virtualization Engine TS7700 3957-V06 Other software / Other software solutions Virtualization Engine TS7700 3957-VEA Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU39822
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-7427
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.
MitigationInstall update from vendor's website.
Vulnerable software versionsVirtualization Engine TS7700 3957-VEC: before 8.40.2.12 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEB: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V07: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V06: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEA: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
CPE2.3- cpe:2.3:h:ibm_corporation:virtualization_engine_ts7700_3957-vec:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-veb:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v07:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v06:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-vea:*:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/650205
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU39823
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-7428
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.
MitigationInstall update from vendor's website.
Vulnerable software versionsVirtualization Engine TS7700 3957-VEC: before 8.40.2.12 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEB: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V07: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V06: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEA: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
CPE2.3- cpe:2.3:h:ibm_corporation:virtualization_engine_ts7700_3957-vec:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-veb:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v07:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v06:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-vea:*:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/650205
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU12305
Risk: Low
CVSSv4.0: 6.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-9310
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information and cause DoS condition on the target system.
The weakness exists in the control mode (mode 6) functionality in ntpd due to improper access control. A remote attacker can set or unset traps via a specially crafted control mode packet, gain access to potentially sensitive information and cause the service to crash.
Install update from vendor's website.
Vulnerable software versionsVirtualization Engine TS7700 3957-VEC: before 8.40.2.12 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEB: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V07: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V06: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEA: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
CPE2.3- cpe:2.3:h:ibm_corporation:virtualization_engine_ts7700_3957-vec:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-veb:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v07:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v06:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-vea:*:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/650205
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) NULL pointer dereference
EUVDB-ID: #VU12306
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-9311
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in ntpd due to NULL pointer dereference when the trap service is enabled. A remote attacker can submit a specially crafted packet and cause the service to crash.
Install update from vendor's website.
Vulnerable software versionsVirtualization Engine TS7700 3957-VEC: before 8.40.2.12 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEB: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V07: before 8.33.3.14 VTD_EXEC.279
Virtualization Engine TS7700 3957-V06: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
Virtualization Engine TS7700 3957-VEA: before 8.21.0.178 VTD_EXEC.103 VTD_EXEC.279
CPE2.3- cpe:2.3:h:ibm_corporation:virtualization_engine_ts7700_3957-vec:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-veb:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v07:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-v06:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:virtualization_engine_ts7700_3957-vea:*:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/650205
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
