Credit:
The information has been provided by Sebastian Apelt.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-10-023
Vulnerable Systems:
* IBM Informix
* EMC NetWorker
The specific flaw exists within the RPC protocol parsing library, librpc.dll, used by the ISM Portmapper service (portmap.exe), which is bound by default to TCP port 36890. During authentication, the library does not properly check the signedness of a supplied parameter size, which can result in an exploitable stack-based buffer overflow leading to arbitrary code execution in the context of the SYSTEM user.
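The bug class described above, shown as an added illustration for defenders and code reviewers (this is not code from librpc.dll or from the advisory): a length check that only compares a signed size against an upper bound, beside the corrected check. The 4-byte big-endian length prefix, the PARAM_MAX buffer size, and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PARAM_MAX 64 /* hypothetical size of the fixed stack buffer */

/* Decode a 4-byte big-endian length into a signed 32-bit value, as a parser
 * that keeps sizes in `int` would. */
static int32_t read_len(const uint8_t *p)
{
    uint32_t u = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    int32_t s;
    memcpy(&s, &u, sizeof s); /* reinterpret bits without undefined behaviour */
    return s;
}

/* Flawed check: signed comparison against the upper bound only. A negative
 * length is accepted and would become a huge size_t in a later memcpy(). */
int weak_len_ok(int32_t len) { return len <= PARAM_MAX; }

/* Corrected check: non-negative, within the buffer, and actually present. */
int strict_len_ok(int32_t len, size_t avail)
{
    return len >= 0 && len <= PARAM_MAX && (size_t)len <= avail;
}

/* Hardened parse: returns bytes copied into out, or -1 if rejected. */
int parse_param(const uint8_t *msg, size_t msg_len, uint8_t out[PARAM_MAX])
{
    if (msg_len < 4) return -1;
    int32_t len = read_len(msg);
    if (!strict_len_ok(len, msg_len - 4)) return -1;
    memcpy(out, msg + 4, (size_t)len);
    return (int)len;
}

int main(void)
{
    /* Constructed sample messages: one valid, one with length 0xFFFFFFFF. */
    const uint8_t good[] = {0, 0, 0, 3, 'a', 'b', 'c'};
    const uint8_t bad[] = {0xff, 0xff, 0xff, 0xff, 'x'};
    uint8_t out[PARAM_MAX];
    printf("weak check accepts -1: %d\n", weak_len_ok(read_len(bad)));
    printf("good -> %d, bad -> %d\n", parse_param(good, sizeof good, out),
           parse_param(bad, sizeof bad, out));
    return 0;
}
```

Reading the size as an unsigned type from the start removes the negative case entirely; the explicit `len >= 0` test is what a review should look for wherever a signed size reaches a copy routine.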
Patch Availability:
IBM states this issue was first fixed in:
IDS 10.00.TC9, IDS 11.10.TC3
Recommended fix pack version: IDS 10.00.TC10, IDS 11.10.TC3 4.
URL to APAR or fix pack:
Fix pack download URL:
http://www-933.ibm.com/support/fixcentral/
APAR URLs:
http://www.ibm.com/support/docview.wss?uid=swg1IC55329
http://www.ibm.com/support/docview.wss?uid=swg1IC55330
EMC states:
EMC has released a Security Advisory (ESA-08-007) identifier to customers through Powerlink.
CVE Information:
CVE-2009-2754
Disclosure Timeline:
2008-02-07 - Vulnerability reported to vendor
2010-03-01 - Coordinated public release of advisory