Did you see IBM's response (was linked to in the NIST page you noted) It
lists PTFs to remedy the problem.
Also, it clearly states that this issue is remotely exploitable (does
not require direct network access or physical access to network.)
On 1/6/2014 8:48 PM, Steinmetz, Paul wrote:
Our network, security, firewall, guy feels that if the vulnerability is there, firewall will not make a difference.
Networking/firewall is not my area, so I really need to gather additional info to confirm.
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Monday, January 06, 2014 8:36 PM
To: Midrange Systems Technical Discussion
Subject: Re: Possible iSeries Vulnerability
Not specifically aware of this BUT it would require that you allow direct access to your server from outside your protected network to be vulnerable. Not many of my customers (I can think of exactly 1) have their IBM i servers directly connected to the Internet without a firewall of some sort.
- Larry "DrFranken" Bolhuis
On 1/6/2014 8:21 PM, Steinmetz, Paul wrote:
Anyone aware of the possible iSeries Vulnerability and the impact, and fix if available.
Original release date:01/02/2014
The OSPF implementation in IBM i 6.1 and 7.1, and in z/OS on zSeries servers, does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
CVSS Severity (version 2.0):
CVSS v2 Base
Impact Subscore: 7.8
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit Impact Type:Allows
unauthorized disclosure of information; Allows disruption of service
IBM i Systems Administrator
Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.