<<< Date Index >>>     <<< Thread Index >>>

Re: IBM Director 3.1 Windows Agent Remote DoS



Tested on ver 4.11 of IBM Director. NOT Vulnerable. Suggest upgrade to ver. 
4.11. 
Version 3.1 does NOT run on Windows 2003. FYI

>>> "Juanma Merino" <t3k@xxxxxxxxxxx> 4/5/2004 1:28:14 PM >>>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Security Advisory by Juanma Merino

Remote DoS on  IBM Director 3.1 Agent for Windows

Reported to esCERT UPC on: May 2003 (no response)

Vendor contacted on: March 1, 2004 (no response)

Vendor: IBM (www.ibm.com) 

Systems Affected:

IBM Director 3.1 Agent for Windows

    - Windows 2000 professional SP3, SP4

    - Windows NT4 SP6a

    - Other Windows flavours not tested but probably affected too.

Description:

When running Amap (www.thc.org) in order to discover what protocol is
running on TCP port 14247, IBM Director Agent for Windows crashes.

On the Window System Event Log two events shows the crash. Restart
services is needed in order to recover functionality.

Detailed advisory is publish on:
http://t3k.ibernet.com//Director31ad.html  


Note: I have no answer from IBM. I don't know if they've send my
email to the trash or if they are working on it. So I've decided to
post the vulnerability. If someone with greater skills wants to take
a look contact me so I have more information regarding this
vulnerability.

E-mail: jmmerino[at]jazzfree.com

- ----------------------------------------------------------------
Juanma Merino
http://t3k.ibernet.com 
- -----------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6-2 (MingW32) - WinPT 0.5.5

iD8DBQFAcaQzlwxPI76KvK0RAjTbAKCZn4DosO+zBXnvbTY2GJwkgrVL2gCcD+/1
Ad5360qnOKGaVOVY1h/F184=
=DLpP
-----END PGP SIGNATURE-----