IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability

Bugtraq ID:	25810
Class:	Unknown
CVE:	CVE-2007-5090
Remote:	Yes
Local:	No
Published:	Sep 25 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	This issue was disclosed by the vendor.
Vulnerable:	IBM Rational ClearQuest 7.0.1 IBM Rational ClearQuest 7.0 .1 IBM Rational ClearQuest 7.0 IBM Clearquest 2003.06.16 IBM Clearquest 2003.06.15 IBM Clearquest 2003.06.14 IBM Clearquest 2003.06.13 IBM Clearquest 2003.06.12 IBM Clearquest 2003.06.00 IBM Clearquest 2002.05.20 IBM Clearquest 2002.05.00
Not Vulnerable:

IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability

IBM Rational ClearQuest is prone to a denial-of-service vulnerability.

Successfully exploiting this issue allows attackers to corrupt data stored in Microsoft SQL Server- or IBM DB2-based ClearQuest databases. Oracle-based databases are not prone to this issue. A successful attack will deny service to legitimate users.

IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability

Solution:
IBM has released an advisory along with fixes to address this issue. Please see the references for more information.

IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability

References:

• Rational ClearQuest Homepage (IBM)
  
• Potential ClearQuest security vulnerability (IBM)