Advisory - Remote Denial of Service Vulnerability in IBM Security Access Manager

    Remote Denial of Service Vulnerability in IBM Security Access Manager

    Severity Rating: High

    Systems Affected
    • IBM Security Access Manager for Web 7.0
    • IBM Security Access Manager for Web 8.0
    • IBM Tivoli Access Manager 5.1
    • IBM Tivoli Access Manager 6.0.0
    • IBM Tivoli Access Manager 6.1.0
    • IBM Tivoli Access Manager 6.1.1

    Overview

    A vulnerability has been reported in IBM Security Access Manager (ISAM) which could allow a remote attacker to cause a denial of service (infinite loop).


    Description

    This vulnerability exists in IBM Security Access Manager (ISAM) due to the way the Reverse Proxy component handles certain SSL messages. This can cause CPU utilization to increase rapidly and not decrease, resulting in CPU exhaustion and unresponsiveness.

    Successful exploitation of this vulnerability could allow a remote attacker to cause a denial of service (DoS).

    Note:
    The condition occurs only in a certain error case.

    Workarounds and Mitigations
    Methods for ISAM for Web 7.0 software version

    • Monitor the CPU utilization of the WebSEAL instances and, if it is found to be high, stop and restart the affected instances.

    • Enable SSLv3 and disable all versions of TLS used by WebSEAL.


    Methods for all ISAM for Web appliance versions

    • Monitor the CPU utilization of the ISAM for Web appliance and, if it is found to be high, stop and restart the affected instances.
    • Enable SSLv3 and disable all versions of TLS used by each Reverse Proxy instance.


    For detailed steps and the impacts of applying the workarounds, see the IBM Security Bulletin.
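    The monitoring workaround above only says "if found high, stop and restart". The symptom the advisory describes is CPU that climbs and then stays up, so a useful check flags an instance whose CPU has stayed above a threshold across several consecutive samples rather than one that merely spiked. The following is an added example written for this post; it is not code from the advisory or from IBM. It assumes samples come from a ps-style listing with PID, %CPU and COMMAND columns, that WebSEAL instances show up under the process name `webseald`, and that the 90% threshold and three-sample window are placeholder tuning values; the snapshots embedded below are constructed test data.

```python
"""Sustained-CPU check for WebSEAL instances (added example, not from IBM).

Assumptions: samples are 'ps -eo pid,pcpu,comm' style text, WebSEAL
instances have the command name 'webseald', and an instance is reported
only when it stays at or above THRESHOLD for CONSECUTIVE samples in a row.
"""

PROCESS_NAME = "webseald"   # assumed WebSEAL process name
THRESHOLD = 90.0            # placeholder: percent CPU considered "high"
CONSECUTIVE = 3             # placeholder: samples in a row before alerting


def parse_ps(text):
    """Parse ps-style output into {pid: (cpu_percent, command)}.

    The first line is treated as the header; malformed rows are skipped.
    """
    rows = {}
    for line in text.strip().splitlines()[1:]:
        parts = line.split(None, 2)
        if len(parts) != 3:
            continue
        pid, cpu, comm = parts
        try:
            rows[int(pid)] = (float(cpu), comm.strip())
        except ValueError:
            continue
    return rows


def sustained_high(samples, name=PROCESS_NAME, threshold=THRESHOLD,
                   consecutive=CONSECUTIVE):
    """Return sorted PIDs of `name` processes whose CPU stayed >= threshold
    in each of the last `consecutive` snapshots (time-ordered list of text).

    A process that drops below the threshold, or disappears from a snapshot
    (e.g. it was restarted), has its streak reset to zero.
    """
    streak = {}
    for snap in samples:
        seen = set()
        for pid, (cpu, comm) in parse_ps(snap).items():
            if comm != name:
                continue
            seen.add(pid)
            streak[pid] = streak.get(pid, 0) + 1 if cpu >= threshold else 0
        for pid in list(streak):
            if pid not in seen:
                streak[pid] = 0
    return sorted(pid for pid, n in streak.items() if n >= consecutive)


# Constructed snapshots: 1201 climbs and stays high, 1202 only spikes,
# 1203 is pinned throughout, 1300 is a busy but unrelated process.
SAMPLES = [
    "  PID %CPU COMMAND\n 1201 12.0 webseald\n 1202 95.0 webseald\n"
    " 1203 98.0 webseald\n 1300 99.0 java\n",
    "  PID %CPU COMMAND\n 1201 95.0 webseald\n 1202 10.0 webseald\n"
    " 1203 98.0 webseald\n 1300 99.0 java\n",
    "  PID %CPU COMMAND\n 1201 97.0 webseald\n 1202 96.0 webseald\n"
    " 1203 98.0 webseald\n 1300 99.0 java\n",
    "  PID %CPU COMMAND\n 1201 99.0 webseald\n 1202 20.0 webseald\n"
    " 1203 98.0 webseald\n 1300 99.0 java\n",
]

if __name__ == "__main__":
    for pid in sustained_high(SAMPLES):
        print(f"webseald pid {pid}: CPU >= {THRESHOLD}% for "
              f"{CONSECUTIVE} consecutive samples; restart candidate")
```

    In a real deployment the snapshots would be collected on a timer and the flagged PIDs passed to whatever restart procedure the bulletin prescribes; the point of the consecutive-sample window is to avoid restarting an instance that was simply busy for one interval.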

    Solution
    Apply the appropriate patches as described in the IBM Security Bulletin:
    http://www-01.ibm.com/support/docvie...id=swg21672192


    Vendor Information
    IBM
    http://www-01.ibm.com/support/docvie...id=swg21672192

    References

    Security Focus
    http://www.securityfocus.com/bid/67238/

    Xforce
    http://xforce.iss.net/xforce/xfdb/92844