Re: IBM Director 3.1 Windows Agent Remote DoS
Tested on ver 4.11 of IBM Director. NOT Vulnerable. Suggest upgrade to ver.
4.11.
Version 3.1 does NOT run on Windows 2003. FYI
>>> "Juanma Merino" <t3k@xxxxxxxxxxx> 4/5/2004 1:28:14 PM >>>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Security Advisory by Juanma Merino
Remote DoS on IBM Director 3.1 Agent for Windows
Reported to esCERT UPC on: May 2003 (no response)
Vendor contacted on: March 1, 2004 (no response)
Vendor: IBM (www.ibm.com)
Systems Affected:
IBM Director 3.1 Agent for Windows
- Windows 2000 professional SP3, SP4
- Windows NT4 SP6a
- Other Windows flavours not tested but probably affected too.
Description:
When running Amap (www.thc.org) in order to discover what protocol is
running on TCP port 14247, IBM Director Agent for Windows crashes.
On the Window System Event Log two events shows the crash. Restart
services is needed in order to recover functionality.
Detailed advisory is publish on:
http://t3k.ibernet.com//Director31ad.html
Note: I have no answer from IBM. I don't know if they've send my
email to the trash or if they are working on it. So I've decided to
post the vulnerability. If someone with greater skills wants to take
a look contact me so I have more information regarding this
vulnerability.
E-mail: jmmerino[at]jazzfree.com
- ----------------------------------------------------------------
Juanma Merino
http://t3k.ibernet.com
- -----------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6-2 (MingW32) - WinPT 0.5.5
iD8DBQFAcaQzlwxPI76KvK0RAjTbAKCZn4DosO+zBXnvbTY2GJwkgrVL2gCcD+/1
Ad5360qnOKGaVOVY1h/F184=
=DLpP
-----END PGP SIGNATURE-----