ID CVE-2009-0505Type cveReporter cve@mitre.orgModified 2017-08-08T01:33:00
Description
The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other impact, via vectors involving slow or nonexistent acknowledgement.
{"id": "CVE-2009-0505", "bulletinFamily": "NVD", "title": "CVE-2009-0505", "description": "The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other impact, via vectors involving slow or nonexistent acknowledgement.", "published": "2009-02-25T16:30:00", "modified": "2017-08-08T01:33:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0505", "reporter": "cve@mitre.org", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg24019725", "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ22391", "http://www.securityfocus.com/bid/33883", "http://www.vupen.com/english/advisories/2009/0911", "https://exchange.xforce.ibmcloud.com/vulnerabilities/48885"], "cvelist": ["CVE-2009-0505"], "type": "cve", "lastseen": "2019-05-29T18:09:57", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "4eb1bdeb63a3beb9ca16283d709623a6"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "ef09bb9afc1d2ad2e411ef4c677d40b1"}, {"key": "cpe23", "hash": "2175c2dbaa4b0d72b9aa2a5a069822dc"}, {"key": "cvelist", "hash": "60aa71285322a2b93de20c08a1051ced"}, {"key": "cvss", "hash": "62e86bb7716385cd46817416916a7bbd"}, {"key": "cvss2", "hash": "a6674711d5258b061e81bdf1502ce727"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "d370d473ba1bd1721d669ef98e2aeebb"}, {"key": "description", "hash": "b416fb692815e43b81298dc70ed77948"}, {"key": "href", "hash": "fc0fb0ff016625d1c4afbd23f710e96d"}, {"key": "modified", "hash": "8004a81951076f215123ecae93154cff"}, {"key": "published", "hash": "6661a28c35d2b7eb3e25081a210c3c38"}, {"key": "references", "hash": "c819206061ceb20c764238de2c5b8aa7"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "62ef26def8e93dadf15735810f312434"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "760a6ccda74d9d516d844f3d75a21dcf6131c1b3ed916213445d44cbd212db9d", "viewCount": 0, "enchantments": {"score": {"value": 4.4, "vector": "NONE", "modified": "2019-05-29T18:09:57"}, "dependencies": {"references": [{"type": "nessus", "idList": ["TXSERIES_6_2_IF7.NASL"]}], "modified": "2019-05-29T18:09:57"}, "vulnersScore": 4.4}, "objectVersion": "1.3", "cpe": ["cpe:/a:ibm:txseries:6.2"], "affectedSoftware": [{"name": "ibm txseries", "operator": "eq", "version": "6.2"}], "cvss2": {"acInsufInfo": true, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:ibm:txseries:6.2:-:aix:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:ga:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:hp-ux:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:solaris:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:hp-ia:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:windows:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"]}
{"nessus": [{"lastseen": "2020-02-01T02:37:39", "bulletinFamily": "scanner", "description": "The version of IBM TXSeries installed on the remote host reportedly\nwaits for a ", "modified": "2020-02-02T00:00:00", "id": "TXSERIES_6_2_IF7.NASL", "href": "https://www.tenable.com/plugins/nessus/35743", "published": "2009-02-27T00:00:00", "title": "IBM TXSeries for Multiplatforms CICS Listener Crafted CICSAS eci Response Timeout DoS", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(35743);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/01 17:36:15\");\n\n script_cve_id(\"CVE-2009-0505\");\n script_bugtraq_id(33883);\n\n script_name(english:\"IBM TXSeries for Multiplatforms CICS Listener Crafted CICSAS eci Response Timeout DoS\");\n script_summary(english:\"Checks version of libcicsco.dll\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by an\nunspecified vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM TXSeries installed on the remote host reportedly\nwaits for a 'forcepurge' acknowledgement from a CICS Application\nServer after an 'eci' response timeout. A remote, authenticated\nattacker may be able to leverage this issue to cause a denial of\nservice or have some other unspecified impact.\");\n\n script_set_attribute(attribute:\"solution\", value:\"Apply the recommended Interim Fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"smb_enum_services.nasl\", \"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n#\n\ninclude(\"smb_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes.inc\");\n\n\nif (!get_kb_item(\"SMB/Registry/Enumerated\")) exit(0);\n\n\nfunction display_dword (dword, nox)\n{\n local_var tmp;\n\n if (isnull(nox) || (nox == FALSE))\n tmp = \"0x\";\n else\n tmp = \"\";\n\n return string (tmp,\n toupper(\n hexstr(\n raw_string(\n (dword >>> 24) & 0xFF,\n (dword >>> 16) & 0xFF,\n (dword >>> 8) & 0xFF,\n dword & 0xFF\n )\n )\n )\n );\n}\n\n\n# Connect to the appropriate share.\nname = kb_smb_name();\nport = kb_smb_transport();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\n\n\nif(! smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:\"IPC$\");\nif (rc != 1) {\n NetUseDel();\n exit(0);\n}\n\n\n# Connect to remote registry.\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Find the install path.\npath = NULL;\n\nkey = \"SOFTWARE\\IBM\\TXSeries-CICS\\CurrentVersion\";\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n item = RegQueryValue(handle:key_h, item:\"InstallPath\");\n if (!isnull(item))\n {\n path = item[1];\n path = ereg_replace(pattern:\"^(.+)\\\\$\", replace:\"\\1\", string:path);\n }\n\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\nif (isnull(path))\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Grab the version from libcicsco.dll\nshare = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\ndll = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\bin\\libcicsco.dll\", string:path);\nNetUseDel(close:FALSE);\n\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\nif (rc != 1)\n{\n NetUseDel();\n exit(0);\n}\n\nfh = CreateFile(\n file:dll,\n desired_access:GENERIC_READ,\n file_attributes:FILE_ATTRIBUTE_NORMAL,\n share_mode:FILE_SHARE_READ,\n create_disposition:OPEN_EXISTING\n);\n\nversion = NULL;\nif (!isnull(fh))\n{\n ret = GetFileVersionEx(handle:fh);\n if (!isnull(ret)) children = ret['Children'];\n if (!isnull(children))\n {\n varfileinfo = children['VarFileInfo'];\n if (!isnull(varfileinfo))\n {\n translation =\n (get_word (blob:varfileinfo['Translation'], pos:0) << 16) +\n get_word (blob:varfileinfo['Translation'], pos:2);\n translation = tolower(display_dword(dword:translation, nox:TRUE));\n }\n stringfileinfo = children['StringFileInfo'];\n if (!isnull(stringfileinfo) && !isnull(translation))\n {\n data = stringfileinfo[translation];\n if (!isnull(data)) version = data['FileVersion'];\n else\n {\n data = stringfileinfo[toupper(translation)];\n if (!isnull(data)) version = data['FileVersion'];\n }\n }\n }\n\n CloseFile(handle:fh);\n}\nNetUseDel();\n\n\n# Check for affected versions.\nif (\n !isnull(version) &&\n \"TXSeries \" >< version &&\n (\n version =~ \"^TXSeries ([0-5]\\.|6\\.[01]\\.)\" ||\n # nb: FileVersion for fix is \"TXSeries 6.2.0.0 Interim Service Fix 7 s620-L080611\"\n version =~ \"^TXSeries 6\\.2\\.0\\.0 .+-L0([0-7]|80([1-5]|6(0[0-9]|10)))\"\n )\n)\n{\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n path, \"\\\\bin\\\\libcicsco.dll has not been patched :\\n\",\n \"\\n\",\n \" Actual FileVersion : \", version, \"\\n\",\n \" Expected FileVersion : TXSeries 6.2.0.0 Interim Service Fix 7 s620-L080611\\n\"\n );\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}]}
