IBM General Parallel File System Multiple Vulnerabilities (Windows) (POODLE)
Medium Nessus Plugin ID 80885
SynopsisA clustered file system on the remote host is affected by multiple vulnerabilities.
DescriptionA version of IBM General Parallel File System (GPFS) 3.5.x prior to 126.96.36.199 is installed on the remote Windows host. It is, therefore, affected by the following OpenSSL related vulnerabilities :
- An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks.
- An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode.
Man-in-the-middle attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the 'POODLE' issue. (CVE-2014-3566)
- An error exists related to session ticket handling that can allow denial of service attacks via memory leaks.
- An error exists related to the build configuration process and the 'no-ssl3' build option that allows servers and clients to process insecure SSL 3.0 handshake messages. (CVE-2014-3568)
SolutionUpgrade to GPFS 188.8.131.52 or later.
If GPFS multiclustering is configured on Windows nodes, consult the vendor advisory for detailed instructions.