IBM Cognos TM1 is enterprise planning software for planning, budgeting, forecasting and analysis.
IBM Cognos Express is an integrated business intelligence (BI) and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companies need.
The TM1 Admin Server (tm1admsd.exe) that ships with IBM Cognos TM1 versions 9.5.x prior to 9.5.2 FP2 and 9.4.1 and IBM Cognos Express versions 9.5 and 9.0 is vulnerable to a buffer overflow because it does not check the size of the data being sent to it. This could permit a remote malicious attacker to run arbitrary code in the context of the Admin Server process.
This exploit was tested against IBM Cognos Express 9.5 on Windows XP SP3 English (DEP OptIn).
Exploit requires the IO-Socket-SSL Perl module to be installed on the scanning host. This module is available from <http://www.cpan.org/modules/by-module/IO/>.