Multiple vulnerabilities in IBM FlashSystem models 840 and 900

1) Buffer overflow

EUVDB-ID: #VU33988

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-7181

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the sec_asn1d_parse_leaf() function in Mozilla Network Security Services (NSS). A remote attacker can create a pass crafted OCTET STRING data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

FlashSystem 900 9840-AE2 and 9843-AE2: before 1.6.1.5-515.226

FlashSystem 840 9840-AE1 & 9843-AE1: before 1.5.2.6-468.155

CPE2.3

External links

http://www.ibm.com/support/pages/node/691087

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU33989

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-7182

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within ASN.1 decoder in Mozilla Network Security Services (NSS). A remote attacker can create a pass crafted OCTET STRING data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

FlashSystem 900 9840-AE2 and 9843-AE2: before 1.6.1.5-515.226

FlashSystem 840 9840-AE1 & 9843-AE1: before 1.5.2.6-468.155

CPE2.3

External links

http://www.ibm.com/support/pages/node/691087

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU33644

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-7183

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

FlashSystem 900 9840-AE2 and 9843-AE2: before 1.6.1.5-515.226

FlashSystem 840 9840-AE1 & 9843-AE1: before 1.5.2.6-468.155

CPE2.3

External links

http://www.ibm.com/support/pages/node/691087

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.