SB2018042473 - Multiple vulnerabilities in IBM Virtualization Engine TS7700

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018042473

SB2018042473 - Multiple vulnerabilities in IBM Virtualization Engine TS7700

Published: April 24, 2018 Updated: January 8, 2024

Security Bulletin ID SB2018042473
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2016-7427)

CWE-ID: CWE-400 - Resource exhaustion

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.


2) Resource exhaustion (CVE-ID: CVE-2016-7428)

CWE-ID: CWE-400 - Resource exhaustion

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote non-authenticated attacker to perform service disruption.

ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.


3) Improper access control (CVE-ID: CVE-2016-9310)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to obtain potentially sensitive information and cause DoS condition on the target system.

The weakness exists in the control mode (mode 6) functionality in ntpd due to improper access control. A remote attacker can set or unset traps via a specially crafted control mode packet, gain access to potentially sensitive information and cause the service to crash.

4) NULL pointer dereference (CVE-ID: CVE-2016-9311)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in ntpd due to NULL pointer dereference when the trap service is enabled. A remote attacker can submit a specially crafted packet and cause the service to crash.

Remediation

Install update from vendor's website.

References