CVE-2009-0120

EPSS 3.5%

The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service (device reboot) by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/32712unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://securityreason.com/securityalert/4911 http://www.securityfocus.com/archive/1/499870/100/0/threaded http://www.securityfocus.com/bid/33169 http://www.securitytracker.com/id?1021547 http://www.vupen.com/english/advisories/2009/0111