Vulnerability Name:

CVE-2007-3626 (CCN-35289)

Assigned:2007-07-06
Published:2007-07-06
Updated:2017-07-29
Summary:Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request.
CVSS v3 Severity:6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2007-3626

Source: OSVDB
Type: UNKNOWN
37847

Source: CCN
Type: SA25972
Hitachi TPBroker ADM Daemon Process Denial of Service

Source: SECUNIA
Type: Vendor Advisory
25972

Source: CCN
Type: Hitachi Security Vulnerability Information HS07-015
Problem of the TPBroker ADM Daemon Process Going Down

Source: CONFIRM
Type: Patch
http://www.hitachi-support.com/security_e/vuls_e/HS07-015_e/index-e.html

Source: CCN
Type: Hitachi Software Web site
Hitachi TPBroker

Source: CCN
Type: OSVDB ID: 37847
Hitachi TPBroker ADM Daemon Unspecified Remote DoS

Source: BID
Type: UNKNOWN
24789

Source: CCN
Type: BID-24789
Hitachi TPBroker Unspecified Denial Of Service Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2007-2458

Source: XF
Type: UNKNOWN
hitachi-tpbroker-dos(35289)

Source: XF
Type: UNKNOWN
hitachi-tpbroker-dos(35289)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:hitachi:cosminexus_application_server:05_00_05_00_q:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_application_server:05_00_05_05_k:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_application_server:06_00_06_50_f:*:standard:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_tpbroker:03_05:*:c++:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_tpbroker:04_02:*:java_platform:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_03:*:c++_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_03:*:c++_servers_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_03:*:java_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_03:*:java_servers_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_04:*:c++_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_04:*:java_platform_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_04:*:java_platform_servers_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_05:*:c++_servers_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker_developer:03_04:*:java_platform:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_application_server:06_70_06_70_a:*:standard:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:hitachi:cosminexus_application_server:06_00_06_50_c:*:enterprise:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_tpbroker:04_00:*:java_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_tpbroker:04_01:*:java_servers_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_01:*:c++:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_02:*:java_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:03_02:*:java_servers_license:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker:05_01:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker_developer:03_01:*:c++:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker_developer:03_02:*:java:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker_developer:03_04:*:java_platform:*:*:*:*:*
  • OR cpe:/a:hitachi:tpbroker_developer:05_01:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_application_server:06_70_06_70_a:*:enterprise:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:hitachi:cosminexus_application_server:5:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_tpbroker:04_00::java_clients_license:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_application_server_enterprise:06_50::aix:*:*:*:*:*
  • OR cpe:/a:hitachi:cosminexus_application_server:6::standard:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_application_server:::enterprise:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:::home:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:::professional:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0::sparc:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm aix *
    hitachi cosminexus application server 05_00_05_00_q
    hitachi cosminexus application server 05_00_05_05_k
    hitachi cosminexus application server 06_00_06_50_f
    hitachi cosminexus tpbroker 03_05
    hitachi cosminexus tpbroker 04_02
    hitachi tpbroker 03_03
    hitachi tpbroker 03_03
    hitachi tpbroker 03_03
    hitachi tpbroker 03_03
    hitachi tpbroker 03_04
    hitachi tpbroker 03_04
    hitachi tpbroker 03_04
    hitachi tpbroker 03_05
    hitachi tpbroker developer 03_04
    hitachi ucosminexus application server 06_70_06_70_a
    sun solaris *
    hitachi cosminexus application server 06_00_06_50_c
    hitachi cosminexus tpbroker 04_00
    hitachi cosminexus tpbroker 04_01
    hitachi tpbroker 03_01
    hitachi tpbroker 03_02
    hitachi tpbroker 03_02
    hitachi tpbroker 05_01
    hitachi tpbroker developer 03_01
    hitachi tpbroker developer 03_02
    hitachi tpbroker developer 03_04
    hitachi tpbroker developer 05_01
    hitachi ucosminexus application server 06_70_06_70_a
    hitachi cosminexus application server 5
    hitachi cosminexus tpbroker 04_00
    hitachi cosminexus application server enterprise 06_50
    hitachi cosminexus application server 6
    hitachi ucosminexus application server
    hitachi ucosminexus application server standard *
    sun solaris 8
    microsoft windows xp
    microsoft windows xp
    sun solaris 9
    redhat enterprise linux 2.1
    sun solaris 7.0