certfr_avis - certa-2007-avi-183

CERTA-2007-AVI-183

Vulnerability from certfr_avis

De nombreuses vulnérabilités affectent IBM Tivoli Monitoring version 6.1.0, dont certaines permettent l'exécution de code arbitraire à distance.

Description

IBM a publié un correctif cumulatif (6.1.0-TIV-ITM-FP0002) pour IBM Tivoli Monitoring version 6.1.0. Une des vulnérabilités corrigées affecte le fichier kde.dll utilisé par les services Tivoli Universal Agent Primary Service (port TCP 10110), Monitoring Agent for Windows OS - Primary (port TCP 6014) et Tivoli Enterprise Portal Server (port TCP 14206). Cette vulnérabilité permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Tivoli Monitoring version 6.1.0.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CVE-2007-2137 (GCVE-0-2007-2137)

Vulnerability from cvelistv5

Published

2007-04-22 19:00

Modified

2024-08-07 13:23

Severity ?

CWE

Summary

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.

References

URL

Tags

	http://www.securitytracker.com/id?1017933	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2007/1456	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/466216/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.zerodayinitiative.com/advisories/ZDI-07-018.html	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?uid=swg24012341	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/33746	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/23558	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/24938	third-party-advisory, x_refsource_SECUNIA
	http://securityreason.com/securityalert/2597	third-party-advisory, x_refsource_SREASON

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:23:50.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1017933",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017933"
          },
          {
            "name": "ADV-2007-1456",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1456"
          },
          {
            "name": "20070418 ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/466216/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341"
          },
          {
            "name": "tivoli-monitoring-multiple-bo(33746)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33746"
          },
          {
            "name": "23558",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23558"
          },
          {
            "name": "24938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24938"
          },
          {
            "name": "2597",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/2597"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1017933",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017933"
        },
        {
          "name": "ADV-2007-1456",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1456"
        },
        {
          "name": "20070418 ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/466216/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341"
        },
        {
          "name": "tivoli-monitoring-multiple-bo(33746)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33746"
        },
        {
          "name": "23558",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23558"
        },
        {
          "name": "24938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24938"
        },
        {
          "name": "2597",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/2597"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1017933",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017933"
            },
            {
              "name": "ADV-2007-1456",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1456"
            },
            {
              "name": "20070418 ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/466216/100/0/threaded"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341",
              "refsource": "MISC",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341"
            },
            {
              "name": "tivoli-monitoring-multiple-bo(33746)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33746"
            },
            {
              "name": "23558",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23558"
            },
            {
              "name": "24938",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24938"
            },
            {
              "name": "2597",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/2597"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2137",
    "datePublished": "2007-04-22T19:00:00.000Z",
    "dateReserved": "2007-04-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:23:50.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted