Design/Logic Flaw

2009-01-1500:30:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service (device reboot) by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data.

CPENameOperatorVersion
websphere_datapower_xml_security_gateway_xs40eq3.6.1.5

CPE	Name	Operator	Version
	websphere_datapower_xml_security_gateway_xs40	eq	3.6.1.5

References

securityreason.com/securityalert/4911

www.securityfocus.com/archive/1/499870/100/0/threaded

www.securityfocus.com/bid/33169

www.securitytracker.com/id?1021547

www.vupen.com/english/advisories/2009/0111