IBM WebSphere MQ 多个未明远程内存崩溃漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1188416 漏洞类型 资源管理错误
发布时间 2007-11-14 更新时间 2008-10-02
CVE编号 CVE-2007-6044 CNNVD-ID CNNVD-200711-279
漏洞平台 N/A CVSS评分 10.0
|漏洞来源
https://www.securityfocus.com/bid/26441
https://cxsecurity.com/issue/WLB-2007110052
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200711-279
|漏洞详情
IBMWebSphereMQ6.0中存在多个未明漏洞,会导致包含"内存崩溃"在内的的未明影响和远程攻击向量。注意:在20071116,唯一披露的是一个模糊的预先没有可操作的信息公告。然而,因为它来自一个众所周知的研究人员。
|漏洞EXP
IRM, leaders in messaging systems security, have discovered six remote
vulnerabilities in IBM WebSphere MQ 6.0. The vulnerabilities are
currently being investigated by IBM and once patches have been
developed, advisories will be published including full technical details
and links to patch download information.

More information is available here:

http://www.irmplc.com/index.php/158-Messaging-System-Security
|受影响的产品
IBM WebSphere MQ 6.0.2 .2 IBM WebSphere MQ 5.3.1 IBM WebSphere MQ 5.3 .0.6 IBM WebSphere MQ 5.3 .0.5 IBM WebSphere MQ 5.3 .0.1 IBM WebSphere MQ 5.3 IBM WebSp
|参考资料

来源:BID
名称:26441
链接:http://www.securityfocus.com/bid/26441
来源:BUGTRAQ
名称:20071114SixRemoteMemoryCorruptionVulnerabilitiesinIBMWebSphereMQ6.0
链接:http://www.securityfocus.com/archive/1/archive/1/483708/100/0/threaded
来源:MISC
链接:http://www.irmplc.com/index.php/111-Vendor-Alerts#IBM
来源:OSVDB
名称:45302
链接:http://osvdb.org/45302
来源:SREASON
名称:3381
链接:http://securityreason.com/securityalert/3381