PT-2009-3090 · Ibm · Ibm Http Server
Publicado
2009-02-10
·
Atualizado
2017-08-08
·
CVE-2009-0436
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM HTTP Server versions 6.0.x through 6.0.2.30
IBM HTTP Server versions 6.1.x through 6.1.0.18
Description
The mod ibm ssl and mod cgid modules in IBM HTTP Server set incorrect permissions for AF UNIX sockets. This issue has unknown impact and can be exploited through local attack vectors.
Recommendations
For IBM HTTP Server versions 6.0.x through 6.0.2.30, update to version 6.0.2.31 or later.
For IBM HTTP Server versions 6.1.x through 6.1.0.18, update to version 6.1.0.19 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Http Server