CVE-2009-0879

IBM Director < 5.20.3 - Denial of Service via Long Consumer Name

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0879. PoCs published by Bernhard Mueller.

AI-analyzed exploit summary This is a security advisory detailing a remote denial of service (DoS) vulnerability in IBM Director CIM Server. The vulnerability is triggered by sending overlong consumer names in a request, causing the service to crash.

Description

The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Bernhard Mueller · textdoswindows

https://www.exploit-db.com/exploits/8190

View Code ZIP pw:eip

This is a security advisory detailing a remote denial of service (DoS) vulnerability in IBM Director CIM Server. The vulnerability is triggered by sending overlong consumer names in a request, causing the service to crash.

Classification

Writeup 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: IBM Director for Windows <= 5.20.3 Service Update 2

No auth needed

Prerequisites: Network access to the IBM Director CIM Server

MITRE ATT&CK