SB2017050841 - Multiple vulnerabilities in IBM Flex System Chassis Management Module (CMM)

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017050841

SB2017050841 - Multiple vulnerabilities in IBM Flex System Chassis Management Module (CMM)

Published: May 8, 2017 Updated: February 17, 2025

Security Bulletin ID SB2017050841
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Denial of service (CVE-ID: CVE-2017-15906)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in the process_open() function due to improper prevention of write operations in read-only mode. A remote attacker can create zero-length files and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Null pointer dereference (CVE-ID: CVE-2016-10708)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper processing of out-of-sequence NEWKEYS messages, as defined in the kex.c and packet.c source code files. A remote attacker can send an out-of-sequence NEWKEYS message, trigger a NULL pointer dereference condition and cause the sshd daemon to crash.


3) Buffer overflow (CVE-ID: CVE-2016-10012)

The vulnerability allows a local user to execute arbitrary code on vulnerable system with root privileges.

The vulnerability exists in sshd due to a flaw in boundary checks in the shared memory manager that may be skipped by some optimizing compilers. A local user can trigger memory corruption and execute arbitrary code with root privileges. The issue is related to m_zback and m_zlib data structures.

Successful exploitation of this vulnerability may allow a local user to elevate privileges.


4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2008-1483)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions. A local user can hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.


Remediation

Install update from vendor's website.

References