FKIE_CVE-2009-0880

Vulnerability from fkie_nvd - Published: 2009-03-12 15:20 - Updated: 2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
References
cve@mitre.orghttp://osvdb.org/52616
cve@mitre.orghttp://secunia.com/advisories/34212Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/501639/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/34065
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/0656Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/49286
cve@mitre.orghttps://www.sec-consult.com/files/20090305-2_IBM_director_privilege_escalation.txtExploit
cve@mitre.orghttps://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp&S_PKG=director_x_520&S_TACT=sms&lang=en_US&cp=UTF-8Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/52616
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34212Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/501639/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34065
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0656Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/49286
af854a3a-2127-422b-91ae-364da2661108https://www.sec-consult.com/files/20090305-2_IBM_director_privilege_escalation.txtExploit
af854a3a-2127-422b-91ae-364da2661108https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp&S_PKG=director_x_520&S_TACT=sms&lang=en_US&cp=UTF-8Patch, Vendor Advisory
Impacted products
Vendor Product Version
ibm director *
ibm director 3.1.1
ibm director 4.10
ibm director 4.11
ibm director 4.12
ibm director 4.20
ibm director 4.21
ibm director 4.22
ibm director 5.10.0
ibm director 5.10.1
ibm director 5.10.2
ibm director 5.10.3
ibm director 5.20.0
ibm director 5.20.1
ibm director 5.20.2
microsoft windows *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:director:*:service_update_1:*:*:*:*:*:*",
              "matchCriteriaId": "D525C638-4015-4E45-9A82-1CABAC1DCC54",
              "versionEndIncluding": "5.20.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D18E2470-6359-4E0C-83E7-880FA6EC8520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "622C9C51-0EB7-449F-96F0-07BC976CADDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2A9EE4-B5EA-451E-9A50-0BB901A7BD2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D211F7-9F61-4E93-8C5E-596B782E0BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5EE0669-1042-4580-8883-793C2F4272C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C5D77E-60BC-406F-86F6-2F1F0C9C8E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60AE021-6483-4075-B0F5-4DBF49F5332A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AA0F5AD-D17D-492B-B463-52C40BA0B03B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD25392-1D9D-47C9-BAE3-7C2B24663A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D5A503-C92F-4EB9-8B5F-F59A1C6FAB76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "824785BD-CA6D-4FDB-ADB3-428360D2F624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCA51AD-90E3-4DC5-BA4A-95A8B55C2DDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B3F58B-3D5C-4B3D-BA72-050270D741AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director:5.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA69558A-697A-4FEC-A8EA-7E71DF9C4764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en el servidor CIM en IBM Director anteriores v5.20.3 Service Update 2 en Windows que permite a los atacantes remotos cargar y ejecutar arbitrariamente c\u00f3digo DLL local a trav\u00e9s .. (punto punto) en un /CIMListener/ URI en una petici\u00f3n M-POST."
    }
  ],
  "evaluatorSolution": "Per: http://www.securityfocus.com/archive/1/archive/1/501639/100/0/threaded\r\n\r\n\"The vendor has adressed this vulnerability in service update 2 for IBM\r\nDirector agent 5.20.3. Download link:\r\n\r\nhttps://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp\r\n\u0026S_PKG=director_x_520\u0026S_TACT=sms\u003c=en_US\u0026cp=UTF-8\"",
  "id": "CVE-2009-0880",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-03-12T15:20:49.983",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/52616"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34212"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/501639/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0656"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49286"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/files/20090305-2_IBM_director_privilege_escalation.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp\u0026S_PKG=director_x_520\u0026S_TACT=sms\u0026lang=en_US\u0026cp=UTF-8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/52616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/501639/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49286"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/files/20090305-2_IBM_director_privilege_escalation.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp\u0026S_PKG=director_x_520\u0026S_TACT=sms\u0026lang=en_US\u0026cp=UTF-8"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.