The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an invalid length.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Hardware_management_console | Ibm | 3.2.0-sp1 (including) | 3.2.0-sp1 (including) |
| Hardware_management_console | Ibm | 3.3.0-sp2 (including) | 3.3.0-sp2 (including) |
References
- http://secunia.com/advisories/32571
- http://www-1.ibm.com/support/docview.wss?uid=isg1MB02482
- http://www-1.ibm.com/support/docview.wss?uid=isg1MB02485
- http://www.securityfocus.com/bid/32181
- http://www.vupen.com/english/advisories/2008/3051
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4441
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46413
- https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01133
- https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01134
- http://secunia.com/advisories/32571
- http://www-1.ibm.com/support/docview.wss?uid=isg1MB02482
- http://www-1.ibm.com/support/docview.wss?uid=isg1MB02485
- http://www.securityfocus.com/bid/32181
- http://www.vupen.com/english/advisories/2008/3051
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4441
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46413
- https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01133
- https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01134