Buffer Overflow in IBM OS/400 RCHMGR Module
CVE-2008-2709

Currently unrated

Key Information:

Vendor: IBM
Status: Os 400
Vendor: CVE Published:; 16 June 2008

Summary

A buffer overflow vulnerability exists in the RCHMGR module of IBM OS/400, affecting versions V5R4M0, V5R4M5, and V6R1M0. This flaw allows local users to execute specific operations that lead to a denial of service. By running diagnostics on a modem port, an attacker could trigger a halt of the task and create a storage dump, which disrupts the normal operation of the affected system. Attack vectors remain unspecified, and while the scenario for exploitation may be limited, the potential impact on system availability is notable.

References

http://secunia.com/advisories/30554

third-party-advisoryx_refsource_SECUNIA

http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcba...

vendor-advisoryx_refsource_AIXAPAR

http://www.vupen.com/english/advisories/2008/1799

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Jun 16, 2008
Vulnerability Reserved
Jun 16, 2008