CVE-2010-1612

Name of the Vulnerable Software and Affected Versions IBM WebSphere DataPower XML Accelerator XA35 versions prior to 3.8.0.0 IBM WebSphere DataPower Low Latency Appliance XM70 versions prior to 3.8.0.0 IBM WebSphere DataPower Integration Appliance XI50 versions prior to 3.8.0.0 IBM WebSphere DataPower B2B Appliance XB60 versions prior to 3.8.0.0 IBM WebSphere DataPower XML Security Gateway XS40 SOA Appliances versions prior to 3.8.0.0

Description The issue allows remote attackers to cause a denial of service, resulting in an interface outage, by sending malformed ICMP packets to the 0.0.0.0 destination IP address when a QLOGIC Ethernet interface is used.

Recommendations For IBM WebSphere DataPower XML Accelerator XA35 versions prior to 3.8.0.0, update to version 3.8.0.0 or later. For IBM WebSphere DataPower Low Latency Appliance XM70 versions prior to 3.8.0.0, update to version 3.8.0.0 or later. For IBM WebSphere DataPower Integration Appliance XI50 versions prior to 3.8.0.0, update to version 3.8.0.0 or later. For IBM WebSphere DataPower B2B Appliance XB60 versions prior to 3.8.0.0, update to version 3.8.0.0 or later. For IBM WebSphere DataPower XML Security Gateway XS40 SOA Appliances versions prior to 3.8.0.0, update to version 3.8.0.0 or later.