× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2016

Re: IBM i CVE Vulnerability database search

Thanks, the APAR search seems to produce a good list, assuming it's
comprehensive just based on the "CVE" search.

The PSIRT blog has a lot of information, but it's lacking a filter/search
for platform or software, so it's just a wall of text that's not terribly
usable.

Ron Adams


On Mon, Aug 8, 2016 at 12:23 PM, Rob Berendt <rob@xxxxxxxxx> wrote:

Still working on the list...

You can sign up for IBM Notifications at:
https://www-947.ibm.com/systems/support/myview/subscription/css.wss/
You can even limit that down to IBM i 7.1, Security Notifications.

You can search APARs for CVE at
http://www-912.ibm.com/n_dir/nas4apar.nsf/$$Search?openform
If I limit that search down to IBM i 7.1 I get 20 hits
APAR Status Abstract
97% SE64529 CLOSED PER SC1-UTL OPENSSH PATCH SECURITY
VULNERABILITIES
97% SE58711 CLOSED PER HTTPSVR - Security Patch for
CVE-2014-0098
97% SE55234 CLOSED PER F/DG1 VULNERABILITIES-MSGAUDIT
REPORT CVE 2012-3499 / CVE
97% SE48199 CLOSED PER HTTPSVR - Patch Apache
Vulnerability CVE-2011-0419 and
96% SE45583 CLOSED PER HTTPSVR - FastCGI socket
authorities directives support
96% SE44955 CLOSED PER HTTPSVR - Patch Apache
Vulnerability CVE-2010-1623
95% SE65372 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2016-0718
95% SE65321 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2016-5387
95% SE61067 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2013-5704
95% SE59706 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2014-0118
95% SE53910 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITYS CVE-2012-2687
95% SE51504 CLOSED PER HTTPSVR - Follow up fix for
CVE-2011-4317
95% SE49722 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2011-3368
95% SE49333 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2011-3192
94% SE58603 CLOSED PER HTTPSVR - HTTP SERVER FOR I 2.4
SUPPORT
92% SE44232 CLOSED PER HTTPSVR - PATCH APACHE
VULNERABILITY CVE-2010-2068
92% SE42388 CLOSED PER HTTPSVR - Patch Apache
Vulnerability CVE 2010 0434
90% SE39535 CLOSED PER HTTPSVR - Patch Apache
Vulnerability CVE 2008 2364
86% SE44407 CLOSED PER HTTPSVR-UNPRED HTTP VULNERABILITY
CVE-2010-1452
83% SE62802 CLOSED PER OSP-LWI IBM NAVIGATOR FOR I TLS
SSL PROTOCOL USE


See also:
https://www.ibm.com/blogs/psirt/
IBM Product Security Incident Response (PSIRT) blog.

This may help:
http://www-912.ibm.com/s_dir/sline003.NSF/554c38c4848b77f2862567bd0046e0
03/b3e91f2da858222c86257712006e3c36?OpenDocument


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: Ron Adams <rondadams@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Date: 08/08/2016 12:44 PM
Subject: Re: IBM i CVE Vulnerability database search
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I think you're right on the Support portal only showing vulnerabilities
where they have PTFs.
I was able to find plenty under "My support" or searching the portal using
the following criteria:

Support Portal > IBM i 7.1
Filter by operating system
"i family of operating systems (formerly i5/OS family)"
Filter by document type
"Security bulletins"

Search withing results:
"CVE"

That's a painful and complicated way to get what should be a simple list
of
all known CVE vulnerabilities. But, as usual, it's just seems to be the
standard for how IBM operates.


Ron Adams



On Mon, Aug 8, 2016 at 6:33 AM, Rob Berendt <rob@xxxxxxxxx> wrote:

Where are you finding this in the IBM Support Portal? Show me that and
I'll see if there's a better list for it.

I would think that the IBM Support Portal would only show you
vulnerabilities in which there was a PTF issued to resolve it.

I checked that cvedetails site. Not to go Trevor on you but there is
also
a product called "I". That site however only listed one entry for i and
I
know there's been a whole load of other vulnerabilities.
And, with all the open source crap IBM uses and refuses to update their
version but only patch the version it's really hard to use that site to
tie it back to IBM i. For example, tie these two together:
CVE-2016-1285
https://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2016-1285

http://www-912.ibm.com/a_dir/as4ptf.nsf/86acab6961d02f8386257707005030d2/
a467dc4de66921a286257fab0000a450?OpenDocument&Highlight=2,dns


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: Ron Adams <rondadams@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Date: 08/07/2016 06:00 PM
Subject: IBM i CVE Vulnerability database search
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



Does anyone know of a comprehensive source to search for IBM i
vulnerabilities other than the IBM Support portal. The support portal
will
give a good list, but I need something that can be more easily imported
into a security tool for cross-referencing.

Searching sites like cvedetails.com or cve.mitre.org don't seem to
cross-reference the i very well. Searching cvedetails.comonly yields 3
hits.
https://www.cvedetails.com/vulnerability-list/vendor_id-
14/product_id-5093/IBM-Iseries-As-400.html


--
Ron Adams
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.




--
Ron Adams
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.