IBM Rational ClearQuest 7.1.1.x < 7.1.1.9 / 7.1.2.x < 7.1.2.6 / 8.0.0.x < 8.0.0.2 Multiple Vulnerabilities (credentialed check)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application installed that is affected
by multiple vulnerabilities.

Description :

The remote host is running a version of IBM Rational ClearQuest
7.1.1.x prior to 7.1.1.9 / 7.1.2.x prior to 7.1.2.6 / 8.0.0.x prior
to 8.0.0.2 installed. It is, therefore, affected by the following
vulnerabilities :

- A SQL injection vulnerability exists in the ClearQuest
Maintenance tool when upgrading the user database. Note
that the Maintenance tool must be able to directly
connect to ClearQuest repositories to be exploitable.
(CVE-2011-1390)

- A heap-based buffer overflow vulnerability exists in the
'RegisterSchemaRepoFromFileByDbSet' function of the
CQOle ActiveX control (cqole.dll) due to improper
parsing of parameters. Exploitation of this issue can
result in arbitrary code execution. (CVE-2012-0708)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21594717
http://www-01.ibm.com/support/docview.wss?uid=swg21591705

Solution :

Upgrade to IBM Rational ClearQuest 7.1.1.9 / 7.1.2.6 / 8.0.0.2 or
later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 59293 ()

Bugtraq ID: 53170
53483

CVE ID: CVE-2011-1390
CVE-2012-0708

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now