危険度:
  情報公開日: 7 21, 2015

  概要

Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.

  トレンドマイクロの対策

Per: http://www.securityfocus.com/archive/1/archive/1/501639/100/0/threaded 'The vendor has adressed this vulnerability in service update 2 for IBM Director agent 5.20.3. Download link: https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=dmp &S_PKG=director_x_520&S_TACT=sms<=en_US&cp=UTF-8'

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1005288