Infesting you with Virus News
 

News

Contributed by: Lauren Gerber
Date: July 3, 2009
Lauren Gerber
1
Vote
0

Identifying The IBM Tivoli Manager Vulnerabilities
 

I am here once again, to bring you some news, with regards to a computer security vulnerability that has recently been reported. Yes, another new vulnerability has been brought to my attention, which I would like to bring to yours. The bad news is that this is not an individual vulnerability, but rather a couple of vulnerabilities. These vulnerabilities have been reported in the Tivoli Identity Manager.7IBM.jpg

First let's get down to me explaining what Tivoli Identity Manager is. It is basically an identity management system. It automates internal controls that govern your user access rights. It is geared to help manage things such as permissions, user accounts and passwords, effectively in an automated nature. You can even use it if you are using Windows 98. Some of the files of Windows 98 may include but are not limited to the following: _ISRES.DLL, 3dfx32vb.dll, a2560nt.sys, BACKFILL.EXE, c4dll.dll as well as d3drg24x.dll.

One vulnerability that has been discovered, relates to an error when input is passed to the self service interface, it is not correctly modified before it gets back to the users. This vulnerability runs the risk of being exploited in order to effectively execute arbitrary HTML code as well as script code in the administrators browsing session.

The next vulnerability is again related to input, but in a different context. This relates to input that is passed to the TIM console interface, it is not adequately modified before being returned to its users. This, once again, may be exploited in order to effectively execute arbitrary HTML code as well as script code in the administrators browsing session.

Another impact of these vulnerabilities may result in, amongst other things, cross site scripting attacks. These vulnerabilities have been rated as less critical, which means you can all breathe a sigh of relief. Although you may still want to know what the solution to these vulnerabilities are. The solution to the IBM Tivoli Manager vulnerabilities is to apply the Interim Fix 5.0.0.6-TIV-TIM-IF0028.

Resources:
The IBM Tivoli Manager.
A IBM advisory.
Another IBM advisory.
Yet another IBM advisory.

User Comments

Name:
Email:
Website:
Comment:
Please type 5-digit security code below:
Captcha image for spam protection

Featured Videos

Registry Tutorials
From: PC1News Videos
Added: June 13, 2009
more videos

Software Downloads

SpyHunter V.3
Free Spyhunter Scanner (Spyware/Trojan Detection). DETECT Spyware, Trojans, Worms, Viruses and malware on your PC absolutely FREE.
Download now
Registry Mechanic 8
Award Winning software, Fixes registry and improves computer performance. Created by a division of Symantec, this tool will scan your registry and find errors that can be later cleaned either individually or all together.
Download now
SpywareBlaster 4.1
The tool is used to prevent the installation of spyware and other potentially unwanted software. As soon as you download it, you will be able to protect your system.
Download now

Latest Comments

Virus:Win32/Sal .. 32/Sality.O.dl
March 17, 2010
HI more..
Trojan.Agent.IPB
March 17, 2010
Found this list of godaddy domain name coupons, I got a domain for my dog - ha $6.91 Domain... more..
Trojan.Agent.IPB
March 17, 2010
Three guys were having a beer in a bar in London. They were all relative newly-weds and they were talking... more..
more comments..
rss
Home | Files | Programs | Latest Comments | About us | Privacy Policy | Contributors | Contact Us
© 2008 - 2010 pc1news.com - All rights reserved.
Home  Tips  Downloads Videos Virus List Vulnerabilities
Home > Computer Security > Identifying The IBM Tivoli Manager Vulnerabilities