Vigil@nce: WebSphere MQ, denial of service via Channel Control
May 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can send malicious Channel Control data,
in order to stop the channel process of WebSphere MQ.
– Severity: 2/4
– Creation date: 29/04/2010
DESCRIPTION OF THE VULNERABILITY
The channel process of WebSphere MQ manages exchanges between a
client and a Queue Manager, or between two Queue Managers.
An authenticated attacker can send malicious Channel Control data,
in order to stop the channel process of WebSphere MQ.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/WebSphere-MQ-denial-of-service-via-Channel-Control-9619