IBM Director <= 5.20.1 Multiple Idle Connections DoS

medium Nessus Network Monitor Plugin ID 4301

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote server is running IBM Director.
This version of IBM Director is vulnerable to a resource-exhaustion attack. Specifically, an attacker who makes multiple connections to a service port can cause the system to consume high CPU and memory resources. Successful exploitation would leave the system less responsive or cause it to crash.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.kb.cert.org/vuls/id/512193

Plugin Details

Severity: Medium

ID: 4301

Family: Generic

Published: 11/29/2007

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:director

Reference Information

CVE: CVE-2007-5612

BID: 26509