Advisories
Please read our Vulnerability Disclosure Policy.
Full TextIBM WebSphere MQ rriAcceptOAMUserAuth Heap Overflow Vulnerability
Oct 02, 2009
In June MWR InfoSecurity reported an IBM WebSphere MQ Remote Buffer Overflow. Due to the nature of the vulnerability full details were not released at that time. IBM have since released a patch and therefore the full details of the vulnerability can now be released:
The WebSphere MQ service can be used to transfer messages between systems and applications. It has been identified that incorrect data validation is performed leading to a subsequent heap overflow vulnerability in the packet handling routines. This vulnerability is associated with the memory allocation code and can result in the overwriting of data on the heap. This vulnerability could be exploited remotely from an unauthenticated perspective in order to execute arbitrary code.
The full advisory can be found from the download link above.
Altiris Deployment Solution Vulnerabilities
Sep 07, 2009
MWR InfoSecurity have identified a number of vulnerabilities in the Altiris Deployment Solution software. Symantec have now issued patches for a number of issues that may have a significant impact on an environment utilising this technology. It is therefore recommended that the patches be applied to affected systems as soon as possible.
Symantec's advisory along with a link to the patch can be found at the following URL: -
Due to the potential impact of the vulnerabilities full details will not be provided at the present time so that customers are able to apply the appropriate security patches. However, a full advisory will be released in the near future. MWR InfoSecurity customers can obtain further information about the issues by contacting their account manager.
IBM WebSphere MQ Remote Buffer Overflow
Jun 04, 2009
MWR InfoSecurity have identified that a number of versions of WebSphere MQ are vulnerable to a security issue due to the incorrect validation of user supplied data. This can lead to a heap overflow vulnerability in the packet handling routines. This vulnerability is associated with the software's memory allocation code and can result in the overwriting of data on the heap. This vulnerability could be exploited remotely from an unauthenticated perspective in order to execute arbitrary code. Please note that specific MQ security controls can partially mitigate the risk associated with this issue if these have been deployed in an appropriate manner.
Due to the nature of the vulnerability full details will not be provided at the present time so that customers are able to apply the appropriate security patches. However, a full advisory will be released in approximately 3 months time. MWR InfoSecurity customers can obtain further information about the issue by contacting their account manager.
Fixes for the issue can be obtained via the following link: -
http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24023135
Author: A Plaskett
CVE: CVE-2009-0896
Update (2nd Oct 2009): The advisory has now been released and can be downloaded here.
Retain Resource Server Remote Code Execution
Apr 07, 2009
A vulnerability exists in the Retain Planner Server networking protocol which could allow an attacker to execute code remotely by crafting a malicious packet in order to hijack the flow of execution.
WebEx Remote Support Application Vulnerability
Apr 06, 2009
The Remote Support Center application utilises the WebEx portal to provide a mechanism which allows remote assistance of users or the sharing of an application such as a PowerPoint presentation or browser session. A vulnerability was identified whereby the security controls within the application could be overridden and that all actions could have been taken without the permission of the user or of the Meeting Host.
This document is intended to provide further information about security vulnerabilities previously identified in the WebEx Remote Support Center Application. The information included here should be used to identify how use of the service might impact on an organisation’s security posture and how it can be ensured that its usage does not expose unnecessary risk. This document is not intended as a statement of MWR InfoSecurity’s opinion about the security of this application, or of the service in general.