-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


IBM SECURITY ADVISORY

First Issued: Mon Nov 19 17:23:52 CDT 2012

The most recent version of this document is available here:
| Updated: Tue Nov 20 10:54:51 CDT 2012
| Update:  Updated CVSS Vector

http://aix.software.ibm.com/aix/efixes/security/squadrons_advisory.asc

===============================================================================

TITLE: Security Vulnerability in Select IBM Power 5 Systems - Service Processor 


Abstract: A vulnerability has been identified in select Power 5 Systems which 
provides elevated privilege on the IBM Service Processor.


Content 
VULNERABILITY DETAILS: 


DESCRIPTION: 
A security issue has been identified on IBM Power 5 Systems such that the 
firewall code does not get executed in certain network configurations leading
to elevated privilege.  The issue only exists on Service Processor for IBM 
Power 5 Systems listed below and has not been found to exist in any other IBM
System.


CVEID: CVE-2012-4856
CVSS Base Score: 7.9
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/79736 for the 
current score
CVSS Environmental Score*: Undefined
| CVSS Vector: (AV:A/AC:M/Au:N/C:C/I:C/A:C)


AFFECTED PRODUCTS AND VERSIONS:  
Platforms (MTM) Impacted: 9117-570, 9110-51A, 9111-520, 9131-52A, 9113-550, 
9133-55A, 9116-561, 9111-285, 9115-505, 9110-510, 9118-575, 9123-710, 9124-720
9405-520, 9406-520, 9407-515, 9406-525, 9406-550, 9406-570


REMEDIATION:  
Upgrade to SF240_418_382 or higher. The fix can be obtained from FixCentral 
by providing the MTM and current fix level.


Workaround(s):  
Configure (any) Static IP addresses on at least one Ethernet interface of the 
IBM Service processor.


Mitigation(s):  
1) Apply workaround as stated above
2) Apply Firmware fix as stated above.


REFERENCES:  
Complete CVSS Guide
On-line Calculator V2 
CVE-2012-4856 
X-Force Vulnerability Database http://xforce.iss.net/xforce/xfdb/79736


RELATED INFORMATION:  
IBM Secure Engineering Web Portal 
https://www-304.ibm.com/jct03001c/security/secure-engineering/

IBM Product Security Incident Response Blog
https://www-304.ibm.com/connections/blogs/PSIRT/?lang=en_us


ACKNOWLEDGEMENT
The vulnerability was reported to IBM by Brian Smith. 

CHANGE HISTORY
19 November 2012: Original copy published

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Flash.

Note: According to the Forum of Incident Response and Security Teams (FIRST), 
the Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response."  IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT OF ANY
KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE.   CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF
ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (AIX)

iD8DBQFQq8Wr4fmd+Ci/qhIRAtU1AJ9ix2MGj9oLMEIG8XCU7bh6MsZ6KwCdFQh8
sJZIC0sFic9tdjaRqoeclZc=
=/fzV
-----END PGP SIGNATURE-----