CVE-2008-2709

Name of the Vulnerable Software and Affected Versions IBM OS/400 versions V5R4M0 through V6R1M0

Description The issue is related to a buffer overflow in the BrSmRcvAndCheck function within the RCHMGR module. This can be exploited by local users to cause a denial of service, resulting in a task halt and main storage dump. The exploitation involves running diagnostics on a modem port, although the specific vectors are not detailed. It's noted that there might be limited scenarios in which this issue can be attacked.

Recommendations For IBM OS/400 versions V5R4M0 through V6R1M0, consider restricting access to the RCHMGR module and avoid running diagnostics on modem ports until a fix is available. As a temporary workaround, limiting local user privileges might help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.