SB2023100615 - Multiple vulnerabilities in IBM Spectrum Symphony
Published: October 6, 2023
Description
This security bulletin contains information about 4 security vulnerabilities.
1) Input validation error (CVE-ID: CVE-2022-3488)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of repeated responses to the same query, where both responses contain ECS pseudo-options but the first is incorrect and is rejected by the resolver. A remote attacker controlling a malicious nameserver can send two responses in quick succession, each with a "CLIENT-SUBNET" pseudo-option, and crash the server.
2) Resource management error (CVE-ID: CVE-2023-2911)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application. If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow.
3) Input validation error (CVE-ID: CVE-2023-2829)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (synth-from-dnssec) enabled can be remotely terminated using a zone with a malformed NSEC record.
4) Resource exhaustion (CVE-ID: CVE-2023-2828)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because the application does not properly control consumption of internal resources. A remote attacker can cause the amount of memory used by a named resolver to go well beyond the configured max-cache-size limit. The effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but since the default value of the max-cache-size statement is 90%, in the worst case the attacker can exhaust all available memory on the host running named, leading to a denial-of-service condition.
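Items 2 to 4 each depend on named options the bulletin names, so an administrator can check a resolver's configuration for them before the update is installed. The following is an added example, not part of the original bulletin or any vendor tooling: the sample configuration is constructed, the parser handles only simple `name value;` statements, and `dnssec-validation` is assumed to be the option that marks a validating resolver.

```python
import re

# Constructed sample named.conf fragment for the demo (not from the bulletin).
SAMPLE_CONF = """
options {
    recursion yes;
    dnssec-validation auto;
    // stale-answer-enable no;
    stale-answer-enable yes;
    stale-answer-client-timeout 0;   # answer from stale cache immediately
    synth-from-dnssec yes;
    /* max-cache-size 512m; */
};
"""

def read_options(text):
    """Return {name: value} for simple 'name value;' statements; the last one wins.
    Simplification: comment markers inside quoted strings are not handled."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # /* block */ comments
    text = re.sub(r"(//|#).*", "", text)                 # // and # line comments
    pairs = re.findall(r'([a-z][a-z0-9-]*)\s+"?([^\s;"{}]+)"?\s*;', text)
    return {name: value.lower() for name, value in pairs}

def audit(text):
    """List (CVE, reason) pairs whose configuration condition is explicitly met.
    Options left unset follow the installed version's defaults, which this check
    does not guess, except max-cache-size, whose default the bulletin states."""
    o = read_options(text)
    hits = []
    if o.get("stale-answer-enable") == "yes" and o.get("stale-answer-client-timeout") == "0":
        hits.append(("CVE-2023-2911", "serve-stale enabled with client timeout 0"))
    if o.get("synth-from-dnssec") == "yes" and o.get("dnssec-validation") in ("yes", "auto"):
        hits.append(("CVE-2023-2829", "validating resolver with synth-from-dnssec"))
    if o.get("max-cache-size", "90%") == "90%":
        hits.append(("CVE-2023-2828", "cache limit at the 90% default"))
    return hits

if __name__ == "__main__":
    for cve, reason in audit(SAMPLE_CONF):
        print(f"{cve}: {reason}")
```

An empty result means only that none of these conditions is set explicitly in the file checked; it does not show that the installed version is patched.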
Remediation
Install update from vendor's website.