ID CVE-2009-0505Type cveReporter cve@mitre.orgModified 2017-08-08T01:33:00
Description
The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other impact, via vectors involving slow or nonexistent acknowledgement.
{"id": "CVE-2009-0505", "bulletinFamily": "NVD", "title": "CVE-2009-0505", "description": "The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other impact, via vectors involving slow or nonexistent acknowledgement.", "published": "2009-02-25T16:30:00", "modified": "2017-08-08T01:33:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0505", "reporter": "cve@mitre.org", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg24019725", "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ22391", "http://www.securityfocus.com/bid/33883", "http://www.vupen.com/english/advisories/2009/0911", "https://exchange.xforce.ibmcloud.com/vulnerabilities/48885"], "cvelist": ["CVE-2009-0505"], "type": "cve", "lastseen": "2021-02-02T05:39:59", "edition": 4, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["TXSERIES_6_2_IF7.NASL"]}], "modified": "2021-02-02T05:39:59", "rev": 2}, "score": {"value": 4.4, "vector": "NONE", "modified": "2021-02-02T05:39:59", "rev": 2}, "vulnersScore": 4.4}, "cpe": ["cpe:/a:ibm:txseries:6.2"], "affectedSoftware": [{"cpeName": "ibm:txseries", "name": "ibm txseries", "operator": "eq", "version": "6.2"}, {"cpeName": "ibm:txseries", "name": "ibm txseries", "operator": "eq", "version": "6.2"}, {"cpeName": "ibm:txseries", "name": "ibm txseries", "operator": "eq", "version": "6.2"}, {"cpeName": "ibm:txseries", "name": "ibm txseries", "operator": "eq", "version": "6.2"}, {"cpeName": "ibm:txseries", "name": "ibm txseries", "operator": "eq", "version": "6.2"}, {"cpeName": "ibm:txseries", "name": "ibm txseries", "operator": "eq", "version": "6.2"}], "cvss2": {"acInsufInfo": true, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:ibm:txseries:6.2:-:aix:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:ga:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:hp-ux:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:solaris:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:hp-ia:*:*:*:*:*", "cpe:2.3:a:ibm:txseries:6.2:-:windows:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:txseries:6.2:-:hp-ia:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:txseries:6.2:-:aix:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:txseries:6.2:-:windows:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:txseries:6.2:-:hp-ux:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:txseries:6.2:-:ga:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:txseries:6.2:-:solaris:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "ADV-2009-0911", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2009/0911"}, {"name": "txseries-forcepurge-wait-unspecified(48885)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48885"}, {"name": "IZ22391", "refsource": "AIXAPAR", "tags": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ22391"}, {"name": "33883", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/33883"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24019725", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24019725"}]}
{"nessus": [{"lastseen": "2021-02-01T07:11:03", "description": "The version of IBM TXSeries installed on the remote host reportedly\nwaits for a 'forcepurge' acknowledgement from a CICS Application\nServer after an 'eci' response timeout. A remote, authenticated\nattacker may be able to leverage this issue to cause a denial of\nservice or have some other unspecified impact.", "edition": 24, "published": "2009-02-27T00:00:00", "title": "IBM TXSeries for Multiplatforms CICS Listener Crafted CICSAS eci Response Timeout DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0505"], "modified": "2021-02-02T00:00:00", "cpe": [], "id": "TXSERIES_6_2_IF7.NASL", "href": "https://www.tenable.com/plugins/nessus/35743", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(35743);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/01 17:36:15\");\n\n script_cve_id(\"CVE-2009-0505\");\n script_bugtraq_id(33883);\n\n script_name(english:\"IBM TXSeries for Multiplatforms CICS Listener Crafted CICSAS eci Response Timeout DoS\");\n script_summary(english:\"Checks version of libcicsco.dll\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by an\nunspecified vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM TXSeries installed on the remote host reportedly\nwaits for a 'forcepurge' acknowledgement from a CICS Application\nServer after an 'eci' response timeout. A remote, authenticated\nattacker may be able to leverage this issue to cause a denial of\nservice or have some other unspecified impact.\");\n\n script_set_attribute(attribute:\"solution\", value:\"Apply the recommended Interim Fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"smb_enum_services.nasl\", \"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n#\n\ninclude(\"smb_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes.inc\");\n\n\nif (!get_kb_item(\"SMB/Registry/Enumerated\")) exit(0);\n\n\nfunction display_dword (dword, nox)\n{\n local_var tmp;\n\n if (isnull(nox) || (nox == FALSE))\n tmp = \"0x\";\n else\n tmp = \"\";\n\n return string (tmp,\n toupper(\n hexstr(\n raw_string(\n (dword >>> 24) & 0xFF,\n (dword >>> 16) & 0xFF,\n (dword >>> 8) & 0xFF,\n dword & 0xFF\n )\n )\n )\n );\n}\n\n\n# Connect to the appropriate share.\nname = kb_smb_name();\nport = kb_smb_transport();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\n\n\nif(! smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:\"IPC$\");\nif (rc != 1) {\n NetUseDel();\n exit(0);\n}\n\n\n# Connect to remote registry.\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Find the install path.\npath = NULL;\n\nkey = \"SOFTWARE\\IBM\\TXSeries-CICS\\CurrentVersion\";\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n item = RegQueryValue(handle:key_h, item:\"InstallPath\");\n if (!isnull(item))\n {\n path = item[1];\n path = ereg_replace(pattern:\"^(.+)\\\\$\", replace:\"\\1\", string:path);\n }\n\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\nif (isnull(path))\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Grab the version from libcicsco.dll\nshare = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\ndll = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\bin\\libcicsco.dll\", string:path);\nNetUseDel(close:FALSE);\n\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\nif (rc != 1)\n{\n NetUseDel();\n exit(0);\n}\n\nfh = CreateFile(\n file:dll,\n desired_access:GENERIC_READ,\n file_attributes:FILE_ATTRIBUTE_NORMAL,\n share_mode:FILE_SHARE_READ,\n create_disposition:OPEN_EXISTING\n);\n\nversion = NULL;\nif (!isnull(fh))\n{\n ret = GetFileVersionEx(handle:fh);\n if (!isnull(ret)) children = ret['Children'];\n if (!isnull(children))\n {\n varfileinfo = children['VarFileInfo'];\n if (!isnull(varfileinfo))\n {\n translation =\n (get_word (blob:varfileinfo['Translation'], pos:0) << 16) +\n get_word (blob:varfileinfo['Translation'], pos:2);\n translation = tolower(display_dword(dword:translation, nox:TRUE));\n }\n stringfileinfo = children['StringFileInfo'];\n if (!isnull(stringfileinfo) && !isnull(translation))\n {\n data = stringfileinfo[translation];\n if (!isnull(data)) version = data['FileVersion'];\n else\n {\n data = stringfileinfo[toupper(translation)];\n if (!isnull(data)) version = data['FileVersion'];\n }\n }\n }\n\n CloseFile(handle:fh);\n}\nNetUseDel();\n\n\n# Check for affected versions.\nif (\n !isnull(version) &&\n \"TXSeries \" >< version &&\n (\n version =~ \"^TXSeries ([0-5]\\.|6\\.[01]\\.)\" ||\n # nb: FileVersion for fix is \"TXSeries 6.2.0.0 Interim Service Fix 7 s620-L080611\"\n version =~ \"^TXSeries 6\\.2\\.0\\.0 .+-L0([0-7]|80([1-5]|6(0[0-9]|10)))\"\n )\n)\n{\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n path, \"\\\\bin\\\\libcicsco.dll has not been patched :\\n\",\n \"\\n\",\n \" Actual FileVersion : \", version, \"\\n\",\n \" Expected FileVersion : TXSeries 6.2.0.0 Interim Service Fix 7 s620-L080611\\n\"\n );\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}]}
