IBM Rational Build Forge Port State Error Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1019964
|
|
SecurityTracker URL: http://securitytracker.com/id?1019964
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: May 5 2008
|
Impact: Denial of service via network
|
Exploit Included: Yes
Vendor Confirmed: Yes
|
Version(s): 7.0.2
|
Description: A vulnerability was reported in IBM Rational Build Forge. A remote user can cause denial of service conditions.
A remote user can conduct a port scan to cause the agent to generate multiple bfagent server processes, consuming excessive CPU resources.
This may cause the target system to shutdown.
IBM has assigned APAR PK59905 to this vulnerability.
The vendor notes that
version 7.0.1 iFix1 is not affected.
|
Impact: A remote user can cause denial of service conditions.
|
Solution: No solution was available at the time of this entry.
As a workaround, IBM has issued a testfix, available from Rational Client Support.
The vendor's advisory is available at:
http://www-1.ibm.com/support/docview.wss?uid=swg21303877
|
Vendor URL: www-1.ibm.com/support/docview.wss?uid=swg21303877 (Links to External Site)
|
Cause: State error
|
Underlying OS: Linux (Any), UNIX (AIX), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 5 May 2008 06:16:14 -0400
Subject: IBM Rational Build Forge
|
http://www-1.ibm.com/support/docview.wss?uid=swg21303877
|
|
