IBM Rational ClearQuest 7.1.1.x < 7.1.1.9 / 7.1.2.x < 7.1.2.6 / 8.0.0.x < 8.0.0.2 Multiple Vulnerabilities (credentialed check)

high Nessus Plugin ID 59293

Synopsis

The remote Windows host has an application installed that is affected by multiple vulnerabilities.

Description

A version of IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.9 / 7.1.2.x prior to 7.1.2.6 / 8.0.0.x prior to 8.0.0.2 is installed on the remote host. It is, therefore, affected by the following vulnerabilities:

- A SQL injection vulnerability exists in the ClearQuest Maintenance tool when upgrading the user database. Note that the issue is exploitable only if the Maintenance tool is able to connect directly to ClearQuest repositories. (CVE-2011-1390)
- A heap-based buffer overflow vulnerability exists in the 'RegisterSchemaRepoFromFileByDbSet' function of the CQOle ActiveX control (cqole.dll) due to improper parsing of parameters. Exploitation of this issue can result in arbitrary code execution. (CVE-2012-0708)

Solution

Upgrade to IBM Rational ClearQuest 7.1.1.9 / 7.1.2.6 / 8.0.0.2 or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21594717

http://www-01.ibm.com/support/docview.wss?uid=swg21591705

Plugin Details

Severity: High

ID: 59293

File Name: ibm_rational_clearquest_maintenance_tool_sql_injection.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 5/29/2012

Updated: 7/12/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:ibm:rational_clearquest

Required KB Items: installed_sw/IBM Rational ClearQuest

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/10/2012

Vulnerability Publication Date: 5/10/2012

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (IBM Rational ClearQuest CQOle Remote Code Execution)

Reference Information

CVE: CVE-2011-1390, CVE-2012-0708

BID: 53170, 53483