[2/5] IBM Tivoli Business Service Manager Password Disclosure

January 22nd, 2008 by

[2/5] IBM Tivoli Business Service Manager Password Disclosure

:Some security issues have been reported in IBM Tivoli Business Service Manager, which potentially can be exploited by malicious, local users to disclose sensitive information.The security issues are caused due to certain passwords being stored in clear text on reconfig or in SM_server.log.The security issues are reported in 4.1.1.Solution:Apply Interim Fix 1 (4.1.1.0-TIV-BSM-IF0001). Please see the vendor’s advisory for details.Provided and/or discovered by:Reported by the vendor.Original Advisory:IBM (166896, 167722):http://www-1.ibm.com/support/docview.wss?uid=swg24017939

Original post by pooja

[2/5] IBM Tivoli Business Service Manager Password Disclosure

Related Articles:

[3/5] IBM Tivoli Storage Manager Express Buffer Overflow Vulnerability

[2/5] IBM Tivoli Provisioning Manager for OS Deployment HTTP Server Denial of Service

[3/5] Nortel Business Communications Manager BIND 8 Predictable DNS Query IDs

[2/5] IBM Tivoli Storage Manager Client CAD Service Script Insertion

[2/5] IBM Tivoli Provisioning Manager for OS Deployment TFTP Read Request Denial of Service

Posted in Advisories - Exploits | | [2/5] IBM Tivoli Business Service Manager Password Disclosure

<< [2/5] IBM WebSphere Business Modeler Repository Deletion Security Issue | [4/5] Lama Software “MY_CONF[classRoot]” File Inclusion Vulnerabilities >>

Cybertrion Systems

[2/5] IBM Tivoli Business Service Manager Password Disclosure

Categories

Archives:

Search:

Meta: