Monday, 1 August 2016
A vulnerability classified as problematic has been found in IBM AIX 5.3/6.1/7.1/7.2. This affects an unknown function of the component mustendd Device Driver. The manipulation with an unknown input leads to a denial of service vulnerability (crash). This is going to have an impact on availability.
The weakness was disclosed 07/28/2016 as Vulnerability in mustendd device driver impacts AIX as confirmed advisory (Website). The advisory is shared for download at aix.software.ibm.com. This vulnerability is uniquely identified as CVE-2016-0281. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. The technical details are unknown and an exploit is not publicly available. The advisory points out:
IBM AIX Adapter FC5899 / FC1763 with "jumbo_frames" disabled could allow a remote attacker to send specially crafted packets that would crash the adapter.
Applying a patch is able to eliminate this problem. It is possible to mitigate the problem by applying the configuration setting
jumbo_frames = enabled. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the vulnerability database at SecurityTracker (ID 1036481).
CVSSv3
Base Score: 5.3 [?]Temp Score: 5.1 [?]
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C [?]
Reliability: High
CVSSv2
Base Score: 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) [?]Temp Score: 4.4 (CVSS2#E:ND/RL:OF/RC:C) [?]
Reliability: High
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Local | High | Multiple | None | None | None |
| Adjacent | Medium | Single | Partial | Partial | Partial |
| Network | Low | None | Complete | Complete | Complete |
CPE
Exploiting
Class: Denial of serviceLocal: No
Remote: Yes
Availability: No
Current Price Estimation:
| 0-Day | $0-$1k | $1k-$2k | $2k-$5k | $5k-$10k | $10k-$25k | $25k-$50k | $50k-$100k | $100k-$500k |
|---|---|---|---|---|---|---|---|---|
| Today | $0-$1k | $1k-$2k | $2k-$5k | $5k-$10k | $10k-$25k | $25k-$50k | $50k-$100k | $100k-$500k |
Countermeasures
Recommended: PatchStatus: Official fix
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Config: jumbo_frames = enabled
Timeline
07/28/2016 Advisory disclosed07/28/2016 Countermeasure disclosed
07/29/2016 SecurityTracker entry created
07/31/2016 VulDB entry created
07/31/2016 VulDB entry updated
Subscribe to:
Post Comments (Atom)
Sectoon
Featured post
27 good hacker documentary
In the eyes of most people, a group of hackers usually extremely boring nothing interesting people, and that if only the computer code in ...
Blog archive
Top certifications to plan in 2018 ?
0 comments:
Post a comment