IBM Rational ClearQuest 7.1.1.x < / 7.1.2.x < / 8.0.0.x < Multiple Vulnerabilities (credentialed check)

High Nessus Plugin ID 59293


The remote Windows host has an application installed that is affected by multiple vulnerabilities.


The remote host is running a version of IBM Rational ClearQuest 7.1.1.x prior to / 7.1.2.x prior to / 8.0.0.x prior to installed. It is, therefore, affected by the following vulnerabilities :

- A SQL injection vulnerability exists in the ClearQuest Maintenance tool when upgrading the user database. Note that the Maintenance tool must be able to directly connect to ClearQuest repositories to be exploitable.
- A heap-based buffer overflow vulnerability exists in the 'RegisterSchemaRepoFromFileByDbSet' function of the CQOle ActiveX control (cqole.dll) due to improper parsing of parameters. Exploitation of this issue can result in arbitrary code execution. (CVE-2012-0708)


Upgrade to IBM Rational ClearQuest / / or later.

See Also

Plugin Details

Severity: High

ID: 59293

File Name: ibm_rational_clearquest_maintenance_tool_sql_injection.nasl

Version: $Revision: 1.6 $

Type: local

Agent: windows

Family: Windows

Published: 2012/05/29

Modified: 2015/03/13

Dependencies: 61564

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:rational_clearquest

Required KB Items: installed_sw/IBM Rational ClearQuest

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/05/10

Vulnerability Publication Date: 2012/05/10

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (IBM Rational ClearQuest CQOle Remote Code Execution)

Reference Information

CVE: CVE-2011-1390, CVE-2012-0708

BID: 53170, 53483

OSVDB: 81443, 81815