The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MQSeries

vulnerability announce CVE-2016-9840 CVE-2016-9841 CVE-2016-9842

zlib: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of zlib.
Impacted products: iOS by Apple, iPhone, Mac OS X, Debian, Fedora, AIX, DB2 UDB, Domino, MQSeries, Notes, Security Directory Server, SPSS Statistics, Kubernetes, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Java OpenJDK, openSUSE, openSUSE Leap, Java Oracle, Oracle OIT, Solaris, Percona Server, Python, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Nessus, zlib.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 05/12/2016.
Identifiers: 1997877, 2001520, 2003212, 2004735, 2005160, 2005255, 2006014, 2006017, 2007242, 2010282, 2011648, 2014202, APPLE-SA-2017-09-19-1, APPLE-SA-2017-09-25-1, APPLE-SA-2017-09-25-4, bulletinapr2017, bulletinoct2018, CERTFR-2018-AVI-288, cpujul2018, cpuoct2017, cpuoct2018, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, DLA-1725-1, FEDORA-2018-242f6c1a41, FEDORA-2018-55b875c1ac, HT208144, ibm10718843, openSUSE-SU-2016:3202-1, openSUSE-SU-2017:0077-1, openSUSE-SU-2017:0080-1, openSUSE-SU-2017:2998-1, openSUSE-SU-2018:0042-1, openSUSE-SU-2018:3478-1, openSUSE-SU-2019:0327-1, RHSA-2017:1220-01, RHSA-2017:1221-01, RHSA-2017:1222-01, RHSA-2017:2999-01, RHSA-2017:3046-01, RHSA-2017:3047-01, SSA:2018-309-01, SUSE-SU-2017:1384-1, SUSE-SU-2017:1386-1, SUSE-SU-2017:1387-1, SUSE-SU-2017:1444-1, SUSE-SU-2017:2989-1, SUSE-SU-2017:3369-1, SUSE-SU-2017:3411-1, SUSE-SU-2017:3440-1, SUSE-SU-2017:3455-1, SUSE-SU-2018:0005-1, SUSE-SU-2018:3542-1, SUSE-SU-2018:3972-1, SUSE-SU-2018:4211-1, SUSE-SU-2019:0119-1, SUSE-SU-2019:0555-1, SUSE-SU-2019:2048-1, TNS-2018-08, VIGILANCE-VUL-21262.

Description of the vulnerability

Several vulnerabilities were announced in zlib.

An attacker can generate a memory corruption via Deflate External Linkage, in order to trigger a denial of service, and possibly to run code. [severity:2/4]

A pointer error may have a consequence. [severity:1/4]

An attacker can force a read at an invalid address via inftrees.c, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-9840, CVE-2016-9841]

A negative number shift is undefined. [severity:1/4; CVE-2016-9842]

An attacker can force a read at an invalid address via Big-endian Pointer, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-9843]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2009-0439

WebSphere MQ: privilege elevation via setmqaut, dmpmqaut and dspmqaut

Synthesis of the vulnerability

A local attacker can use the setmqaut, dmpmqaut and dspmqaut commands in order to obtain WebSphere MQ privileges.
Impacted products: MQSeries, WebSphere MQ.
Severity: 2/4.
Consequences: administrator access/rights.
Provenance: user shell.
Creation date: 24/02/2009.
Identifiers: BID-33857, CERTA-2009-AVI-077, CVE-2009-0439, IZ40824, VIGILANCE-VUL-8488.

Description of the vulnerability

The setmqaut command grants and revokes authorizations. The dmpmqaut command dumps authorizations. The dspmqaut command displays authorizations.

Those three commands have a vulnerability which can be used by a local attacker to elevate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2008-1592

WebSphere MQ: usage of runmqsc

Synthesis of the vulnerability

A local attacker can use runmqsc to conduct administrative operations on WebSphere MQ for HP NSS.
Impacted products: MQSeries, WebSphere MQ.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user shell.
Creation date: 13/03/2008.
Identifiers: BID-28235, CVE-2008-1592, VIGILANCE-VUL-7668.

Description of the vulnerability

The WebSphere MQ product can be installed with HP NSS (Non Stop Systems).

The runmqsc command is used to do administrative operations, such as starting and stopping channels. Only members of group "mqm" should be able to use it. However, other users non members of this group can use it.

A local attacker can therefore do some administrative operations with runmqsc.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 7627

WebSphere MQ: access to client process

Synthesis of the vulnerability

A local attacker can access to the client MQ process.
Impacted products: MQSeries, WebSphere MQ.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user shell.
Creation date: 29/02/2008.
Identifiers: IC50431, VIGILANCE-VUL-7627.

Description of the vulnerability

Under Windows, each process has access rights:
 - PROCESS_DUP_HANDLE : duplicate a handle
 - PROCESS_SET_QUOTA : limit memory
 - etc.

The MQ client gives the PROCESS_DUP_HANDLE privilege to Everyone. It is due to an implementation error.

An attacker in a Microsoft Transaction Server (MTS) or COM+ environment can thus call DuplicateHandle() to control the client process.

This vulnerability for example permits a local attacker to alter the behavior of MQ client.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2008-1130

WebSphere MQ: access to the queue

Synthesis of the vulnerability

An attacker can bypass the access policy to the Queue Manager of WebSphere MQ.
Impacted products: MQSeries, WebSphere MQ.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: intranet client.
Creation date: 29/02/2008.
Identifiers: BID-28046, CERTA-2008-AVI-115, CVE-2008-1130, IZ01272, VIGILANCE-VUL-7626.

Description of the vulnerability

The WebSphere MQ product provides a Queue Manager. A MQ client can access to the Queue Manager via a channel of SVRCONN type.

The MCAUSER (MCAUserIdentifier) parameter indicates the name of the user allowed to connect to the queue.

"Exits" are modules called during particular operations. "Security Exits" are used before exchanges and are used to authenticate the client.

An attacker can connect via SVRCONN and bypass MCAUSER and Security Exits.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2007-6679 CVE-2008-0740 CVE-2008-0741

WebSphere AS 6.0.2: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of WebSphere AS permit an attacker to obtain information, to create denial of service or to attack the service.
Impacted products: MQSeries, WebSphere AS Traditional, WebSphere MQ.
Severity: 2/4.
Consequences: user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 22/01/2008.
Identifiers: BID-27400, CVE-2007-6679, CVE-2008-0740, CVE-2008-0741, PK45768, PK48785, PK52709, PK57746, VIGILANCE-VUL-7518.

Description of the vulnerability

Several vulnerabilities were announced in WebSphere Application Server.

Here is an extract of the changelog:
Addressing security concerns with monitor role users (Administrative Console). [severity:2/4; CVE-2007-6679, PK45768]
The WebSphere MQ header buffer handling fails when under load due to movements in the location of an internal buffer (Default Messaging Component). [severity:2/4; PK57746]
Sensitive information might appear in clear text in http_plugin.log file (Plug-in component). [severity:1/4; CVE-2008-0740, PK48785]
Potential security exposure in PropFilePasswordEncoder utility. [severity:2/4; CVE-2008-0741, PK52709]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2007-6044

IBM WebSphere MQ: several memory corruptions

Synthesis of the vulnerability

A remote attacker can exploit 6 corruptions in IBM WebSphere MQ 6.0.
Impacted products: MQSeries, WebSphere MQ.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: intranet client.
Creation date: 14/11/2007.
Identifiers: BID-26441, CVE-2007-6044, VIGILANCE-VUL-7344.

Description of the vulnerability

A remote attacker can exploit 6 corruptions in IBM WebSphere MQ 6.0.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.