MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » January 2014

RE: Possible iSeries Vulnerability



fixed

Larry,

Our network, security, firewall, guy feels that if the vulnerability is there, firewall will not make a difference.
Networking/firewall is not my area, so I really need to gather additional info to confirm.




-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Monday, January 06, 2014 8:36 PM
To: Midrange Systems Technical Discussion
Subject: Re: Possible iSeries Vulnerability

Not specifically aware of this BUT it would require that you allow direct access to your server from outside your protected network to be vulnerable. Not many of my customers (I can think of exactly 1) have their IBM i servers directly connected to the Internet without a firewall of some sort.

- Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com

On 1/6/2014 8:21 PM, Steinmetz, Paul wrote:

Anyone aware of the possible iSeries Vulnerability and the impact, and fix if available.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5385

Original release date:01/02/2014
Last revised:01/03/2014
Source: US-CERT/NIST
Overview
The OSPF implementation in IBM i 6.1 and 7.1, and in z/OS on zSeries servers, does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
Impact
CVSS Severity (version 2.0):
CVSS v2 Base
Score:8.5<http://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2013-5385&ve
ctor=%28AV%3AN/AC%3AL/Au%3AN/C%3AP/I%3AN/A%3AC%29> (HIGH)
(AV:N/AC:L/Au:N/C:P/I:N/A:C)<http://nvd.nist.gov/cvss.cfm?version=2&na
me=CVE-2013-5385&vector=%28AV%3AN/AC%3AL/Au%3AN/C%3AP/I%3AN/A%3AC%29>
(legend<http://nvd.nist.gov/cvss.cfm?vectorinfo&version=2>)
Impact Subscore: 7.8
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit Impact Type:Allows
unauthorized disclosure of information; Allows disruption of service



Thank You
_____
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home

psteinmetz@xxxxxxxxxx<mailto:psteinmetz@xxxxxxxxxx>
http://www.pencor.com/

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.






Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact