Intrusion Prevention

IBM.BladeCenter.Advanced.Management.Module.Info.Disclosure

Description

This indicates an attack attempt against an information disclosure vulnerability in the advanced management module of the IBM Bladecenter.
The vulnerability is a result of the application's failure to properly sanitize user input. As a result, a remote attacker can send a crafted query to obtain sensitive information.

Affected Products

IBM Bladecenter advanced management module firmware versions prior to 1.42u

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
http://www.ibm.com/

CVE References

CVE-2009-1289