IBM
Core Security Technologies - CoreLabs Advisory
http://corelabs.coresecurity.com/
IBM WebSphere Application Server Cross-Site Request Forgery
1. *Advisory Information*
Title: IBM WebSphere Application Server Cross-Site Request Forgery
As I received a lot of feedback on this bug, I thought I'd update you. After not replying
to my notifications and subsequent forced partial disclosure, IBM stated
officially on their website that they were not affected and to my surprise
IBM got in contact immediately after disclosure to "coordinate".
If you read the Timeline till the end, the story has a nice swing... Drama, insults,
everything. You could make a soap opera out of it. And you don't even have all the mails.
Louhi Networks Information Security Research
Security Advisory
Advisory: IBM BladeCenter Advanced Management Module
Multiple vulnerabilities
(XSS type 2 & 1, CSRF, Information Disclosure)
Release Date: 2009-04-09
Last Modified: 2009-04-09
Authors: Henri Lindberg [henri.lindberg@louhi.fi], CISA
DB2/400
7) Known vulnerabilities:
CVE ID Disclosed Title
CVE-2000-1038 12/11/2000 The web administration interface for IBM AS/400
Firewall allows remote attackers to cause a denial of service via an
empty GET request.
CVE-2002-1731 12/31/2002 The System Request menu in IBM AS/400 allows
local users to list valid user accounts by viewing the object names that
are type USRPRF.
Trustwave's SpiderLabs Security Advisory TWSL2011-006:
IBM Web Application Firewall Bypass
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt
Published: 2011-06-21
Version: 1.0
Vendor: IBM
Product: IBM Web Application Firewall
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
IBM SolidDB invalid error code vulnerability
1. *Advisory Information*
______________________________________________________________________
From the low-hanging-fruit-department - IBM /ISS Proventia evasion
______________________________________________________________________
Release mode: Forced disclosure, no answer from vendor.
Ref : TZO-06-2009-IBM Proventia
WWW : http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html
Vendor : http://www.ibm.com
Security notification reaction rating : Catastrophic (see Timeline)
Additional workarounds are available from the individual vendors'
advisories referenced below.
VI. VENDOR RESPONSE
IBM Support has released workarounds and a patch which addresses this
issue. For more information, consult their advisory at the following
URL:
http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573
(rpc.ttdbserverd), which when properly exploited can lead to remote compromise
of the vulnerable system.
This vulnerability was confirmed by us in the following versions of operating
systems; other operating systems and versions may also be affected.
IBM AIX Version 6.1.3
IBM AIX Version 6.1.2
IBM AIX Version 6.1.1
IBM AIX Version 6.1.0
IBM AIX Version 5.3.10
IBM AIX Version 5.3.9
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca.txt
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca-exploit.c
==-===-=====-=======-===========-=============-=================
IBM Tivoli Storage Manager (TSM) Local Root
Kryptos Logic, December 2010
==-===-=====-=======-===========-=============-=================
NSFOCUS Security Advisory (SA2009-02)
IBM DB2 JDBC Applet Server Remote DoS Vulnerability
Release Date: 2009-10-16
CVE ID: CVE-2009-2971
http://www.nsfocus.com/en/advisories/0902.html
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: IBM JDK/JRE: Multiple vulnerabilities
Date: June 25, 2008
Bugs: #186277, #198644, #216112
ID: 200806-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Advisory ID: CORE-2010-0908
Advisory URL:
http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow
Date published: 2011-05-24
Date of last update: 2011-05-24
Vendors contacted: IBM
Release mode: Coordinated release
2. *Vulnerability Information*
Title: Lotus Notes buffer overflow in the Lotus WorkSheet file processor
Advisory ID: CORE-2007-0821
Advisory URL: http://www.coresecurity.com/index.php5?action=item&id=2008
Date published: 2007-11-27
Date of last update: 2007-11-27
Vendors contacted: IBM Corp.
Release mode: COORDINATED RELEASE
*Vulnerability Information*
Class: Input validation error
Remotely Exploitable: Yes
Security Advisory: MVSA-10-006 / CVE-2010-0153
Vendor: IBM
Products: Proventia Network Mail Security System
Vulnerabilities: Cross-Site Request Forgery (XSRF)
Risk: High
Attack Vector: From Remote
Authentication: Required
Security Advisory: MVSA-10-007 / CVE-2010-0152
Vendor: IBM
Products: Proventia Network Mail Security System
Vulnerabilities: Multiple Cross-Site Scripting (XSS)
Risk: High
Attack Vector: From Remote
Authentication: Not Required/Required
Reference: http://www.ventuneac.net/security-advisories/MVSA-10-007
This is frequently observed by pen-testers for sure, but just as frequently
anecdotal. I have personally run into it at least once, where a standard
nmap SYN scan crashed a few AS/400 boxes. Each time it ends there: the
client freaks out and little to no more information can be obtained, as it is
dropped from the scope. I'd be curious to see how many bug reports IBM has
received on the port scan DoS. The lack of information about what
versions or conditions are required for it to happen is why I said it is
mostly anecdotal.
: However, if you search for AS/400 vulnerabilities, you find only about a
IBM AIX swcons Local Arbitrary File Access Vulnerability
iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007
I. BACKGROUND
The swcons program is a set-uid root application which is installed by
default on IBM AIX. It allows for console logs to be temporarily logged
Security Advisory: MVSA-10-009 / CVE-2010-0155
Vendor: IBM
Products: Proventia Network Mail Security System
Vulnerabilities: CRLF Injection
Risk: Medium
Attack Vector: From Remote
Authentication: Required
Reference: http://www.ventuneac.net/security-advisories/MVSA-10-009
Security Advisory: MVSA-10-008 / CVE-2010-0154
Vendor: IBM
Products: Proventia Network Mail Security System
Vulnerabilities: Insecure Direct Object Reference
Risk: Medium
Attack Vector: From Remote
Authentication: Required
Reference: http://www.ventuneac.net/security-advisories/MVSA-10-008
IV. DETECTION
iDefense confirmed the existence of this vulnerability using the
following versions of the affected software:
xlssr.dll version 8.0.0.7214, distributed with IBM Lotus Notes 8.0
xlssr.dll version 8.5.0.8339, distributed with IBM Lotus Notes 8.5
xlssr.dll version 10.5.0.0, distributed with Symantec Mail Security
for Microsoft Exchange
All versions of the KeyView SDK that include the "xlssr.dll" filter
SEC-CONSULT Security Advisory < 20090305-1 >
=========================================================================================
title: IBM Director CIM Server Remote Denial of Service Vulnerability
program: IBM Director for Windows
vulnerable version: <= 5.20.3 Service Update 2
homepage: http://www-03.ibm.com/systems/management/director/
found: Sept. 2008
by: Bernhard Mueller / SEC Consult Vulnerability Lab
permanent link:
http://www.sec-consult.com/files/20090305-1_IBM_director_DoS.txt
** Sun's Resolution **
Sun released Java 6u11, 1.5.0_17, and 1.4.2_19 addressing this flaw. [3]
** IBM's Resolution **
IBM suffered a more limited vector which is addressed in J2SE 5.0 SR9, and
one would assume will be addressed by J2SE 1.4.2 SR13 and Java SE 6 SR4
but no further information was provided by IBM.
IBM Rational ClearQuest Web Multiple XSS
CVE-2007-4592
Discovered on 07-24-07 by sasquatch of SecureState - www.securestate.com
Multiple cross site scripting vulnerabilities exist within IBM's Rational ClearQuest Web interface.
VULNERABLE VARIABLES:
=====================
Vulnerability Table
===================
1. IBM Tivoli Provisioning Manager Express Multiple Cross-Site
Scripting Vulnerabilities
2. IBM Tivoli Provisioning Manager Express Remote Username
Enumeration Weakness
3. Computer Associates eTrust Threat Management Console
IP Address HTML Injection Weakness
IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability
iDefense Security Advisory 10.23.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 23, 2007
I. BACKGROUND
IBM Corp.'s Lotus Notes software is an integrated desktop client option
for accessing e-mail, calendars and applications on an IBM Corp. Lotus
ZDI-10-156: IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-156
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
Autonomy
ZDI-10-159: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-159
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
Autonomy