Vulnerability CVE-2013-0508
Published: 2013-06-04   Modified: 2013-06-05

Description:
Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 and 4.0.1 before FP1 allow context-dependent attackers to execute arbitrary code or cause a denial of service via a long line in (1) hrfstable.idx, (2) hrdevice.idx, (3) hrstorage.idx, or (4) lotusmapfile in the SSM Config directory, or (5) .manifest.hive in the main agent directory.

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
IBM -> Tivoli netcool application service monitors 
IBM -> Tivoli netcool system service monitors 

 References:
http://xforce.iss.net/xforce/xfdb/82333
http://www-01.ibm.com/support/docview.wss?uid=swg21638459
Copyright 2024, cxsecurity.com

 

Back to Top