Signature Detail
Short Name |
APP:IBM:SYS-DIRECTOR-DLL-LOAD |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
IBM System Director Remote DLL Injection |
Release Date |
2013/02/27 |
Update Number |
2237 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: IBM System Director Remote DLL Injection
This signature detects attempts to exploit a known vulnerability against IBM System Director. A malicious attacker can load and execute arbitrary DLL code via remote location.
Extended Description
IBM Director is prone to a privilege-escalation vulnerability that affects the CIM server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the CIM server process. Versions prior to IBM Director 5.20.3 Service Update 2 are affected.
Affected Products
- IBM Director 5.20.1
- IBM Director 5.20.3
References
- BugTraq: 34065
- CVE: CVE-2009-0880