‫ IBM Tivoli Remote Control Multiple Vulnerabilities

IRCAD2013072815
ID:IRCAD2013072815
Release Date: 2013-07-26
Criticality level: Highly critical
Software:
IBM Tivoli Remote Control 5.x
 
Description:
Multiple vulnerabilities have been reported in IBM Tivoli Remote Control, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to conduct SQL injection attacks, and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
1)    The application bundles a vulnerable version of Java.
2)    The application bundles a vulnerable version of OpenSSL.
The vulnerabilities #1 and #2 are reported in version 5.1.2.
3)    Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerability #3 is reported in version 5.1.2 interim fixpack IF0012.
 
Solution:
Apply Interim Fix pack 5.1.2-TIV-TRC512-IF0015.
 
References:
 
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 9 مرداد 1392

امتیاز

امتیاز شما
تعداد امتیازها:0