Vulnerabilities > CVE-2010-1612 - Denial of Service vulnerability in IBM Datapower XS40 Malformed ICMP Packet
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address.
Vulnerable Configurations
References
- http://www.securityfocus.com/archive/1/509163/100/0/threaded
- http://www.securityfocus.com/bid/37952
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC61364
- http://www-01.ibm.com/support/docview.wss?uid=swg24024770
- http://www-01.ibm.com/support/docview.wss?uid=swg24024771
- http://www-01.ibm.com/support/docview.wss?uid=swg24024772
- http://www-01.ibm.com/support/docview.wss?uid=swg24024773
- http://www-01.ibm.com/support/docview.wss?uid=swg24024774