Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4901
HistoryMar 14, 2009 - 12:00 a.m.

IBM Director CIM服务器本地权限提升漏洞

2009-03-1400:00:00
Root
www.seebug.org
288

EPSS

0.405

Percentile

97.3%

JSON

BUGTRAQ ID: 34065
CVE(CAN) ID: CVE-2009-0880

IBM Director是行业领先的Intel架构系统远程工作组系统管理软件。

IBM Director组件中捆绑了一个CIM服务程序,用于监听传送给本地consumer的indication请求。这些consumer是在系统上的动态链接库或共享对象中实现的。由于没有对consumer名称守护程序检查Windows路径元字符(\),因此可以遍历文件系统指定系统上的任意库。CIM服务器会加载指定的DLL并调用其初始化函数PegasusCreateProvider(const char *)。

仅有能够向目标系统上传文件的本地用户才可以利用这个漏洞。

IBM Director <= 5.20.3
厂商补丁:

IBM

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp&amp;S_PKG=director_x_520&amp;S_TACT=sms&amp;lang=en_US&amp;cp=UTF-8” target=“_blank”>https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp&amp;S_PKG=director_x_520&amp;S_TACT=sms&amp;lang=en_US&amp;cp=UTF-8</a>


                                                * 以下请求会加载C:\mydll.dll:

M-POST /CIMListener/\..\..\..\..\mydll HTTP/1.1
CIMOperation: MethodCall
CIMExport: MethodRequest
CIMExportMethod: ExportIndication

[some xml]

Related

securityvulns 2
nvd 1
openvas 2
zdt 2
exploitpack 1
prion 1
packetstorm 2
seebug 1
exploitdb 3
metasploit 1
cve 1
cvelist 1
kaspersky 1
securityvulns
securityvulns
IBM Director code execution
2012-12-09 00:00:00
IBM System Director Remote System Level Exploit &#40;CVE-2009-0880 extended zeroday&#41;
2012-12-09 00:00:00
nvd
nvd
CVE-2009-0880
2009-03-12 15:20:49
openvas
openvas
IBM Director CIM Server CIMListener Directory Traversal Vulnerability - Active Check
2012-12-11 00:00:00
IBM Director CIM Server CIMListener Directory Traversal Vulnerability (Windows)
2012-12-11 00:00:00
zdt
zdt
IBM System Director Agent DLL Injection Vulnerability
2012-12-07 00:00:00
IBM System Director Remote System Level Exploit
2012-12-02 00:00:00
exploitpack
exploitpack
IBM System Director Agent - Remote System Level
2012-12-02 00:00:00
prion
prion
Directory traversal
2009-03-12 15:20:00
packetstorm
packetstorm
IBM System Director Agent DLL Injection
2012-12-07 00:00:00
IBM System Director Remote DLL Load
2012-12-03 00:00:00
seebug
seebug
IBM System Director Remote System Level Exploit
2014-07-01 00:00:00
exploitdb
exploitdb
IBM System Director Agent - DLL Injection (Metasploit)
2012-12-07 00:00:00
IBM System Director Agent - Remote System Level
2012-12-02 00:00:00
IBM System Director Agent 5.20 - CIM Server Privilege Escalation
2009-03-10 00:00:00
metasploit
metasploit
IBM System Director Agent DLL Injection
2012-12-06 15:43:07
cve
cve
CVE-2009-0880
2009-03-12 15:20:49
cvelist
cvelist
CVE-2009-0880
2009-03-12 15:00:00
kaspersky
kaspersky
KLA10198 Multiple vulnerabilities in IBM Director
2009-03-12 00:00:00

EPSS

0.405

Percentile

97.3%

JSON
Related for SSV:4901
securityvulns2nvd1openvas2zdt2exploitpack1prion1packetstorm2seebug1exploitdb3metasploit1cve1cvelist1kaspersky1