nvd-json-data-feeds/CVE-2009/CVE-2009-08xx/CVE-2009-0879.json

{
  "id": "CVE-2009-0879",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2009-03-12T15:20:49.953",
  "lastModified": "2018-10-10T19:32:16.927",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI."
    },
    {
      "lang": "es",
      "value": "El servidor CIM en IBM Director anterior a v5.20.3 Service Update 2 sobre Windows permite a los atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de un nombre largo \"consumer\", como se ha demostrado en una petici\u00f3n M-POST a una URI larga /CIMListener/."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:*:service_update_1:*:*:*:*:*:*",
              "versionEndIncluding": "5.20.3",
              "matchCriteriaId": "D525C638-4015-4E45-9A82-1CABAC1DCC54"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D18E2470-6359-4E0C-83E7-880FA6EC8520"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "622C9C51-0EB7-449F-96F0-07BC976CADDD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2A9EE4-B5EA-451E-9A50-0BB901A7BD2C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D211F7-9F61-4E93-8C5E-596B782E0BC3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5EE0669-1042-4580-8883-793C2F4272C4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C5D77E-60BC-406F-86F6-2F1F0C9C8E37"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60AE021-6483-4075-B0F5-4DBF49F5332A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AA0F5AD-D17D-492B-B463-52C40BA0B03B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD25392-1D9D-47C9-BAE3-7C2B24663A20"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D5A503-C92F-4EB9-8B5F-F59A1C6FAB76"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "824785BD-CA6D-4FDB-ADB3-428360D2F624"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCA51AD-90E3-4DC5-BA4A-95A8B55C2DDD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B3F58B-3D5C-4B3D-BA72-050270D741AE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:director:5.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA69558A-697A-4FEC-A8EA-7E71DF9C4764"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://osvdb.org/52615",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://secunia.com/advisories/34212",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://securitytracker.com/id?1021825",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/archive/1/501638/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/34061",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2009/0656",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49285",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.exploit-db.com/exploits/8190",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.sec-consult.com/files/20090305-1_IBM_director_DoS.txt",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp&S_PKG=director_x_520&S_TACT=sms&lang=en_US&cp=UTF-8",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}