Sign-up

ID

VAR-201504-0377


CVE

CVE-2015-1892


TITLE

Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link

Trust: 0.8

sources: CERT/CC: VU#550620

DESCRIPTION

The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets. Multicast DNS implementations may respond to unicast queries that originate from sources outside of the local link network. Such responses may disclose information about network devices or be used in denial-of-service (DoS) amplification attacks. Multiple products are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information or crash the system, resulting in a denial-of-service condition. Other attacks are also possible. IBM Security Access Manager (ISAM) for Web (formerly known as IBM Tivoli Access Manager for e-business) is a set of products used in user authentication, authorization and Web single sign-on solutions of IBM Corporation in the United States. It provides user access management and Web application protection function. The following versions are affected: ISAM for Web 7.0 with firmware 7.0.0.11 and earlier, and ISAM for Web 8.0 with firmware 8.0.0.1 through 8.0.0.5 and 8.0.1.0

Trust: 2.7

sources: NVD: CVE-2015-1892 // CERT/CC: VU#550620 // JVNDB: JVNDB-2015-002048 // BID: 73683 // VULHUB: VHN-79853

AFFECTED PRODUCTS

vendor:ibmmodel:security access manager for web 8.0scope:eqversion:8.0.0.3

Trust: 1.6

vendor:ibmmodel:security access manager for web 8.0scope:eqversion:8.0.0.2

Trust: 1.6

vendor:ibmmodel:security access manager for web 8.0scope:eqversion:8.0.0.5

Trust: 1.6

vendor:ibmmodel:security access manager for web 8.0scope:eqversion:8.0.1.0

Trust: 1.6

vendor:ibmmodel:security access manager for web 8.0scope:eqversion:8.0.0.4

Trust: 1.6

vendor:ibmmodel:security access manager for web 8.0scope:eqversion:8.0.0.1

Trust: 1.6

vendor:ibmmodel:security access manager for web 7.0scope:lteversion:7.0.0.11

Trust: 1.0

vendor:avahi mdnsmodel: - scope: - version: -

Trust: 0.8

vendor:canonmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:synologymodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel:security access manager for web softwarescope:eqversion:7.0.0 fp12

Trust: 0.8

vendor:ibmmodel:security access manager for web softwarescope:ltversion:8.x

Trust: 0.8

vendor:ibmmodel:security access manager for web softwarescope:ltversion:7.x

Trust: 0.8

vendor:ibmmodel:security access manager for web softwarescope:eqversion:8.0.1 fp1

Trust: 0.8

vendor:ibmmodel:security access manager for web 7.0scope:eqversion:7.0.0.11

Trust: 0.6

vendor:hpmodel:color laserjetscope:eqversion:47000

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.26

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.25

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.24

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.23

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.20

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.16

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.15

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.13

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.11

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.10

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.9

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.8

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.6.7

Trust: 0.3

vendor:avahimodel:avahiscope:eqversion:0.5.2

Trust: 0.3

sources: CERT/CC: VU#550620 // BID: 73683 // JVNDB: JVNDB-2015-002048 // CNNVD: CNNVD-201503-653 // NVD: CVE-2015-1892

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-1892
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-1892
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201503-653
value: MEDIUM

Trust: 0.6

VULHUB: VHN-79853
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-1892
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-79853
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-79853 // JVNDB: JVNDB-2015-002048 // CNNVD: CNNVD-201503-653 // NVD: CVE-2015-1892

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-79853 // JVNDB: JVNDB-2015-002048 // NVD: CVE-2015-1892

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201503-653

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201503-653

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002048

PATCH
title:1699497url:http://www-01.ibm.com/support/docview.wss?uid=swg21699497
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-002048

EXTERNAL IDS
db:CERT/CCid:VU#550620
Trust: 3.3
db:NVDid:CVE-2015-1892
Trust: 2.8
db:BIDid:73683
Trust: 1.4
db:JVNid:JVNVU98589419
Trust: 0.8
db:JVNDBid:JVNDB-2015-002048
Trust: 0.8
db:CNNVDid:CNNVD-201503-653
Trust: 0.7
db:VULHUBid:VHN-79853
Trust: 0.1
sources:
            
            
            CERT/CC: VU#550620 // 
            
            
            
            VULHUB: VHN-79853 // 
            
            
            
            BID: 73683 // 
            
            
            
            JVNDB: JVNDB-2015-002048 // 
            
            
            
            CNNVD: CNNVD-201503-653 // 
            
            
            
            NVD: CVE-2015-1892

REFERENCES
url:http://www-01.ibm.com/support/docview.wss?uid=swg21699497
Trust: 2.5
url:http://www.kb.cert.org/vuls/id/550620
Trust: 2.5
url:http://www-01.ibm.com/support/docview.wss?uid=swg1iv70911
Trust: 1.7
url:http://www-01.ibm.com/support/docview.wss?uid=swg1iv70913
Trust: 1.7
url:https://github.com/chadillac/mdns_recon
Trust: 1.6
url:http://www.securityfocus.com/bid/73683
Trust: 1.1
url:http://www.ietf.org/rfc/rfc6762.txt
Trust: 0.8
url:https://www.usa.canon.com/cusa/support/consumer?pagekeycode=prdadvdetail&docid=0901e02480ea9d5d
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1892
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98589419/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1892
Trust: 0.8
url:https://tools.ietf.org/html/rfc6762#section-5.5
Trust: 0.8
url:http://www.ibm.com/
Trust: 0.3
sources:
            
            
            CERT/CC: VU#550620 // 
            
            
            
            VULHUB: VHN-79853 // 
            
            
            
            BID: 73683 // 
            
            
            
            JVNDB: JVNDB-2015-002048 // 
            
            
            
            CNNVD: CNNVD-201503-653 // 
            
            
            
            NVD: CVE-2015-1892

CREDITS
Chad Seaman
Trust: 0.3
sources:
            
            
            BID: 73683

SOURCES
db:CERT/CCid:VU#550620
db:VULHUBid:VHN-79853
db:BIDid:73683
db:JVNDBid:JVNDB-2015-002048
db:CNNVDid:CNNVD-201503-653
db:NVDid:CVE-2015-1892

LAST UPDATE DATE
2024-11-23T21:44:19.159000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#550620date:2015-05-15T00:00:00
db:VULHUBid:VHN-79853date:2016-08-04T00:00:00
db:BIDid:73683date:2015-05-15T00:14:00
db:JVNDBid:JVNDB-2015-002048date:2015-04-06T00:00:00
db:CNNVDid:CNNVD-201503-653date:2015-04-02T00:00:00
db:NVDid:CVE-2015-1892date:2024-11-21T02:26:21.123

SOURCES RELEASE DATE
db:CERT/CCid:VU#550620date:2015-03-31T00:00:00
db:VULHUBid:VHN-79853date:2015-04-01T00:00:00
db:BIDid:73683date:2015-03-31T00:00:00
db:JVNDBid:JVNDB-2015-002048date:2015-04-06T00:00:00
db:CNNVDid:CNNVD-201503-653date:2015-03-31T00:00:00
db:NVDid:CVE-2015-1892date:2015-04-01T02:00:32.220