
TPM for OSd / Images multiple vulnerabilities when GSKit is configured


Technote (troubleshooting)


Problem (Abstract)

Notice of security vulnerabilities which impact TPM for OSd / TPM for Images 7.1.1.X, along with instructions to resolve the issues.

Resolving the problem

CONTENT

1. PKCS#12 Trust Anchor Insertion Vulnerability (CVE-2012-2203)
2. GSKit SID Length Vulnerability (CVE-2012-2190)
3. GSKit Encrypted Record Length Vulnerability (CVE-2012-2191)


VULNERABILITIES DETAILS

CVE ID: CVE-2012-2203
DESCRIPTION:

IBM Global Security Kit (aka GSKit) before 7.0.4.41 uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers.


CVE ID: CVE-2012-2190
DESCRIPTION:

When a client attempts to establish an SSL/TLS connection, the client and server negotiate what type of cipher suite to use and whether to trust each other. This negotiation is called the "handshake". TPM for OSd / TPM for Images use GSKit 7 for SSL/TLS connections. GSKit before 7.0.4.41 is vulnerable to an attack from a specifically crafted malformed SSL/TLS data packet during the handshake. An attacker would need to send a malformed data packet to the server during the SSL/TLS handshake negotiation. Were an attacker able to do so, they could cause the TPM for OSd / TPM for Images server process to crash. The attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit would not impact the confidentiality of information or the integrity of data; however, the availability of the system could be compromised.

CVE ID: CVE-2012-2191
DESCRIPTION:

IBM Global Security Kit (aka GSKit) before 7.0.4.41 does not properly validate data, which allows remote attackers to cause a denial of service (application crash) via crafted values in the TLS Record Layer, a different vulnerability than CVE-2012-2333.
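Both GSKit crash conditions above (CVE-2012-2190 during the handshake, CVE-2012-2191 in the TLS Record Layer) are failures to validate a length that the remote peer supplies before acting on it. The following Python is an added example written for this page; it is not GSKit code and not part of the IBM technote. It shows the checks a record-layer receiver should make on the 5-byte TLS record header (content type, protocol version, and the fragment length bounded by RFC 5246's 2^14 + 2048 byte ciphertext limit and by the bytes actually received) before it trusts the length field. The sample byte strings are constructed for the example, not captured traffic.

```python
"""
Strict TLS record-layer header validation (added example, not GSKit code).

A TLS record is a 5-byte header followed by `length` bytes of fragment:
  content_type (1 byte) | protocol_version (2 bytes) | length (2 bytes, big-endian)
RFC 5246 bounds the fragment: TLSPlaintext <= 2^14 bytes, TLSCiphertext <= 2^14 + 2048.
A receiver that trusts `length` without checking these bounds, or reads past
the data it actually holds, is in the class of defect the CVEs above describe.
"""
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
MAX_CIPHERTEXT_LEN = 2**14 + 2048   # 18432, RFC 5246 section 6.2.3
HEADER_LEN = 5


class RecordError(ValueError):
    """Raised for any record that must be rejected (connection should be closed)."""


def parse_record(buf: bytes):
    """Validate one record at the start of buf.
    Returns (type_name, (major, minor), fragment, bytes_consumed) or raises RecordError."""
    if len(buf) < HEADER_LEN:
        raise RecordError("truncated header")
    ctype, major, minor, length = struct.unpack("!BBBH", buf[:HEADER_LEN])
    if ctype not in CONTENT_TYPES:
        raise RecordError(f"unknown content type {ctype}")
    if major != 3 or minor > 3:           # SSL 3.0 .. TLS 1.2 are versions 3.0 .. 3.3
        raise RecordError(f"unsupported version {major}.{minor}")
    if length == 0 and ctype != 23:       # only application_data may be zero-length
        raise RecordError("zero-length record")
    if length > MAX_CIPHERTEXT_LEN:       # the bound a peer-supplied length must respect
        raise RecordError(f"length {length} exceeds {MAX_CIPHERTEXT_LEN}")
    end = HEADER_LEN + length
    if len(buf) < end:                    # never read beyond what was actually received
        raise RecordError(f"length {length} exceeds {len(buf) - HEADER_LEN} bytes available")
    return CONTENT_TYPES[ctype], (major, minor), buf[HEADER_LEN:end], end


def split_records(buf: bytes):
    """Split a byte stream into validated (type_name, fragment) pairs; raises on the first bad record."""
    records, off = [], 0
    while off < len(buf):
        name, _ver, fragment, used = parse_record(buf[off:])
        records.append((name, fragment))
        off += used
    return records


def validate_stream(buf: bytes) -> str:
    """'ok' if every record in buf validates, otherwise the reason for rejection."""
    try:
        split_records(buf)
        return "ok"
    except RecordError as exc:
        return str(exc)


# Constructed samples (not captured traffic): a 4-byte handshake record followed by
# a 2-byte application_data record, then three malformed headers.
GOOD_STREAM = b"\x16\x03\x01\x00\x04\x01\x00\x00\x00" + b"\x17\x03\x01\x00\x02hi"
OVERSIZED = b"\x16\x03\x01\xff\xff" + b"\x00" * 16      # claims 65535 bytes
SHORT_READ = b"\x16\x03\x01\x00\x10\x00\x00"             # claims 16, only 2 present
EMPTY_HANDSHAKE = b"\x16\x03\x01\x00\x00"                 # zero-length handshake

if __name__ == "__main__":
    for label, sample in [("good", GOOD_STREAM), ("oversized", OVERSIZED),
                          ("short", SHORT_READ), ("empty handshake", EMPTY_HANDSHAKE)]:
        print(f"{label:16s} -> {validate_stream(sample)}")
```

The point of the ordering in `parse_record` is that the declared length is compared against a fixed protocol maximum and against the bytes on hand before any fragment is touched; a receiver that allocates or copies based on the declared length first is exactly what a crafted length field exercises.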

REMEDIATION

TPM for OSd / TPM for Images 7.1.1.X customers should upgrade to GSKit version 7.0.4.41 or later.
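To confirm the remediation on a deployed server, the installed GSKit version has to be compared component-wise against 7.0.4.41 (a plain string comparison gets "7.0.4.41" versus "7.0.4.5" wrong). The following Python is an added example, not part of the technote: `is_remediated` does the comparison, and `installed_gskit_version` queries RPM for it. The RPM package name `gsk7bas` is an assumption about the Linux packaging of GSKit 7 and is not stated in the technote; on other platforms substitute the local package query.

```python
"""
Check an installed GSKit version against the 7.0.4.41 remediation floor.
Added example, not from the IBM technote. Version strings are assumed to be
dotted integers such as "7.0.4.41", optionally followed by a release suffix.
"""
import re
import subprocess

FIXED_VERSION = "7.0.4.41"   # minimum fixed level named in the technote


def parse_version(s: str) -> tuple:
    """'7.0.4.41' -> (7, 0, 4, 41). A suffix such as '-1' after the dotted
    numeric part is ignored so that '7.0.4.41-1' still parses."""
    m = re.match(r"\d+(?:\.\d+)*", s.strip())
    if not m:
        raise ValueError(f"not a version string: {s!r}")
    return tuple(int(part) for part in m.group(0).split("."))


def is_remediated(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when installed >= fixed, comparing component-wise.
    Shorter tuples are padded with zeros, so '7.0.4' < '7.0.4.41' < '7.0.5'."""
    a, b = parse_version(installed), parse_version(fixed)
    n = max(len(a), len(b))
    a += (0,) * (n - len(a))
    b += (0,) * (n - len(b))
    return a >= b


def installed_gskit_version(package: str = "gsk7bas"):
    """Ask rpm for the package version. Returns None if rpm is absent or the
    package is not installed. The package name is an assumption (see lead-in)."""
    try:
        result = subprocess.run(
            ["rpm", "-q", "--queryformat", "%{VERSION}", package],
            capture_output=True, text=True, check=True,
        )
    except (OSError, subprocess.CalledProcessError):
        return None
    return result.stdout.strip()


if __name__ == "__main__":
    version = installed_gskit_version()
    if version is None:
        print("GSKit RPM not found (or not an RPM-based system)")
    elif is_remediated(version):
        print(f"GSKit {version}: at or above {FIXED_VERSION}, remediated")
    else:
        print(f"GSKit {version}: below {FIXED_VERSION}, upgrade required")
```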

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.


Document information

Tivoli Provisioning Manager for OS Deployment

Software version: 7.1.1
Operating system(s): AIX, Linux, Solaris, Windows
Reference #: 1613589
Modified date: 2012-11-07
