CVE-2009-0879

IBM Director 5.20.3su2 CIM Server - Remote Denial of Service

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI.

El servidor CIM en IBM Director anterior a v5.20.3 Service Update 2 sobre Windows permite a los atacantes remotos provocar una denegación de servicio (caída del demonio) a través de un nombre largo "consumer", como se ha demostrado en una petición M-POST a una URI larga /CIMListener/.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-03-12 CVE Reserved
2009-03-12 CVE Published
2024-08-07 CVE Updated
2024-08-07 First Exploit
2024-09-20 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation

CAPEC

References (10)

URL	Tag	Source
http://osvdb.org/52615	Vdb Entry
http://www.securityfocus.com/archive/1/501638/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/34061	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/49285	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/8190	2024-08-07
https://www.sec-consult.com/files/20090305-1_IBM_director_DoS.txt	2024-08-07

URL	Date	SRC
http://www.vupen.com/english/advisories/2009/0656	2018-10-10
https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp&S_PKG=director_x_520&S_TACT=sms&lang=en_US&cp=UTF-8	2018-10-10

URL	Date	SRC
http://secunia.com/advisories/34212	2018-10-10
http://securitytracker.com/id?1021825	2018-10-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	<= 5.20.3 Search vendor "Ibm" for product "Director" and version " <= 5.20.3"	service_update_1	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	3.1.1 Search vendor "Ibm" for product "Director" and version "3.1.1"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	4.10 Search vendor "Ibm" for product "Director" and version "4.10"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	4.11 Search vendor "Ibm" for product "Director" and version "4.11"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	4.12 Search vendor "Ibm" for product "Director" and version "4.12"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	4.20 Search vendor "Ibm" for product "Director" and version "4.20"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	4.21 Search vendor "Ibm" for product "Director" and version "4.21"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	4.22 Search vendor "Ibm" for product "Director" and version "4.22"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.10.0 Search vendor "Ibm" for product "Director" and version "5.10.0"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.10.1 Search vendor "Ibm" for product "Director" and version "5.10.1"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.10.2 Search vendor "Ibm" for product "Director" and version "5.10.2"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.10.3 Search vendor "Ibm" for product "Director" and version "5.10.3"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.20.0 Search vendor "Ibm" for product "Director" and version "5.20.0"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.20.1 Search vendor "Ibm" for product "Director" and version "5.20.1"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Director Search vendor "Ibm" for product "Director"	5.20.2 Search vendor "Ibm" for product "Director" and version "5.20.2"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe