Check Point Reference: | CPAI-2009-059 |
Date Published: | 3 Apr 2009 |
Severity: | Medium |
Last Updated: | Thursday 01 January, 2009 |
Source: | Secunia Advisory: SA34212 |
Industry Reference: | |
Protection Provided by: | |
Who is Vulnerable? | IBM Systems Director Prior to 5.20.3 |
Vulnerability Description | The CIM (Common Information Model) Server of IBM Director is vulnerable to a denial-of-service condition because the application fails to properly handle specially crafted requests. A remote attacker can exploit this vulnerability by sending crafted requests to the target host. Successful exploitation could result in a denial of service (DoS) condition of System Director services on the target host. |
Update/Patch Avaliable | The vendor has not released an advisory addressing this vulnerability. |
Vulnerability Details | The vulnerability is in the CIM Listener process while parsing crafted HTTP requests containing overly long Consumer Names in the URI. Successful exploitation would cause the CIM server to crash. |