HTTP: IBM System Director Remote DLL Injection
This signature detects attempts to exploit a known vulnerability against IBM System Director. A malicious attacker can load and execute arbitrary DLL code via remote location.
Extended Description
IBM Director is prone to a privilege-escalation vulnerability that affects the CIM server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the CIM server process. Versions prior to IBM Director 5.20.3 Service Update 2 are affected.
Affected Products
Ibm director
Short Name
APP:IBM:SYS-DIRECTOR-DLL-LOAD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2009-0880 DLL Director IBM Injection Remote System bid:34065
Release Date
02/27/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/6988
False Positive
Unknown
Vendors
Ibm
CVSS Score
6.8