Alerte sécurité WMQ

mardi 25 janvier 2011

Un nouvelle alerte sécurité sur WebSphere MQ :

IBM WebSphere MQ message header buffer overflow
wmq-messageheader-bo (64628) The risk level is classified as High Risk

Description :

IBM WebSphere MQ is vulnerable to a buffer overflow, caused by improper bounds checking during message handling. By sending a message contain a specially-crafted header field, a remote attacker could overflow a buffer and execute arbitrary code on the system with MQM privileges or cause the application to crash.
Consequences :

Gain Access

Remedy :

For WebSphere MQ 7.0 :
Apply the latest Fix Pack ( or later) or APAR IZ77607. See References.

Toutes les brèves du site