IBM Tivoli Netcool System Service Monitor Multiple Vulnerabilities


Description   IBM has acknowledged a security issue and multiple vulnerabilities in IBM Tivoli Netcool System Service Monitor, which can be exploited by malicious people to conduct HTTP header injection attacks and bypass certain security restrictions.
For more information:
SA61925
SA63171 (#1, #2, #9, #10)
The security issue and vulnerabilities are reported in versions 4.0.0 FP1 through FP14 and Interim Fix 14-01 through Interim Fix 14-04 and 4.0.1 FP1 through FP2.
     
Vulnerable Products   Vulnerable Software:
IBM Tivoli Netcool System Service Monitor 4.xIBM Tivoli Netcool/System Service Monitor 4.x
     
Solution   Apply fix.Versions 4.0.1.x:Apply 4.0.1.2-TIV-SSM-IF0001.Versions 4.0.0.x:Apply 4.0.0.14-TIV-SSM-IF0005.
     
CVE   CVE-2015-0289
CVE-2015-0288
CVE-2015-0287
CVE-2015-0209
CVE-2014-8151
CVE-2014-8150
     
References   http://www.ibm.com/support/docview.wss?uid=swg21697204
http://www.ibm.com/support/docview.wss?uid=swg21699778
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
HTTP Request Smuggling : HTTP command found in header
3.2.0
HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header
3.2.0
HTTP Request Smuggling : suspicious syntax using HTTP keyword
3.2.0
HTTP Request Smuggling : multiple Content-Length fields
3.2.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2015-04-06 

 Target Type 
Server 

 Possible exploit 
Remote