A new security vulnerability has been identified and fixed in the IBM WebSphere MQ software package. WebSphere MQ is a set of tools that supports communication between mutually independent applications on distributed systems. The flaw occurs during the processing of certain messages and can cause a buffer overflow. An attacker can exploit this vulnerability through specially crafted message headers to run arbitrary code or to carry out a denial-of-service attack. Fixes that eliminate the problem have been released, and all users are encouraged to apply them.

IBM WebSphere MQ Message Header Buffer Overflow Vulnerability
Secunia Advisory 	SA42958 	
Release Date 	2011-01-20

Criticality level 	Moderately critical
Impact 	System access
Where 	From local network
Solution Status 	Vendor Patch
  	 
Software:	
	IBM WebSphere MQ 7.x

CVE Reference(s) 	CVE-2011-0310

Description
A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious people to potentially compromise a vulnerable system.

The vulnerability is caused by a boundary error while processing messages and can be exploited to cause a buffer overflow by sending a specially crafted message header.

Successful exploitation may allow execution of arbitrary code.

Solution
Apply APAR IZ77607 or update to version 7.0.1.4 when available.

Provided and/or discovered by
Reported by the vendor.

Original Advisory
IBM (IZ77607):
https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551
https://www-304.ibm.com/support/docview.wss?uid=swg21254675
http://xforce.iss.net/xforce/xfdb/64628
