Infinite loop in IBM Sterling Order Management, IBM Sterling Configure, Price, Quote and Sterling Web Channel

1) Infinite loop

EUVDB-ID: #VU5233

Risk: Medium

CVSSv3.1: 8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2014-0050

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to cause DoS conditions on the target system.

The weakness exists due to boundary error when handling Content-Type HTTP header for multipart requests. By sending a specially crafted Content-Type header, containing 4092 characters in "boundary" field, a remote attacker can cause the application to enter into an infinite loop.

Successful exploitation of the vulnerability results in denial of service on the vulnerable system.

Note: the vulnerability was being actively exploited.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Sterling Field Sales: before SFS9.2.1- SFP3

Sterling Selling and Fulfillment Foundation: before 9.3.0- SFP2

IBM Sterling Order Management : before 8.5- SFP3

Sterling Web Channel: before 9.1.0-FP3

CPE2.3

External links

http://www.ibm.com/support/pages/node/514267

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.