IBM Director <= 5.20.1 Multiple Idle Connections DoS

Medium Nessus Network Monitor Plugin ID 4301

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote server is running IBM Director.
This version of IBM Director is vulnerable to a resource-exhaustion attack. Specifically, an attacker who makes multiple connections to a service port can cause the system to consume high CPU and memory resources. Successful exploitation would result in the system becoming less responsive or crashing.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.kb.cert.org/vuls/id/512193

Plugin Details

Severity: Medium

ID: 4301

Family: Generic

Published: 2007/11/29

Modified: 2016/01/21

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2007-5612

BID: 26509