Did you see IBM's response (was linked to in the NIST page you noted) It lists PTFs to remedy the problem.

Also, it clearly states that this issue is remotely exploitable (does not require direct network access or physical access to network.)

On 1/6/2014 8:48 PM, Steinmetz, Paul wrote:

Our network, security, firewall, guy feels that if the vulnerability is there, firewall will not make a difference.
Networking/firewall is not my area, so I really need to gather additional info to confirm.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Monday, January 06, 2014 8:36 PM
To: Midrange Systems Technical Discussion
Subject: Re: Possible iSeries Vulnerability

Not specifically aware of this BUT it would require that you allow direct access to your server from outside your protected network to be vulnerable. Not many of my customers (I can think of exactly 1) have their IBM i servers directly connected to the Internet without a firewall of some sort.

- Larry "DrFranken" Bolhuis


On 1/6/2014 8:21 PM, Steinmetz, Paul wrote:

Anyone aware of the possible iSeries Vulnerability and the impact, and fix if available.


Original release date:01/02/2014
Last revised:01/03/2014
The OSPF implementation in IBM i 6.1 and 7.1, and in z/OS on zSeries servers, does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
CVSS Severity (version 2.0):
CVSS v2 Base
ctor=%28AV%3AN/AC%3AL/Au%3AN/C%3AP/I%3AN/A%3AC%29> (HIGH)
Impact Subscore: 7.8
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit Impact Type:Allows
unauthorized disclosure of information; Allows disruption of service

Thank You
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home


This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page