Flashes (Alerts)
Abstract
This is to bring to your attention that there are 3 Security exposures that have been found in Tivoli Directory Server (TDS) 6.2 which is bundled with Websphere Business Events (WBE) version 7.x in certain combined e-assemblies downloaded.
1) Java parseDouble vulnerability (CVE-2010-4476)
2) ZDI-CAN-1022: IBM Tivoli Directory Server ibmslapd.exe Remote Code Execution Vulnerability
3) Server audit log may display userpassword in clear text
Content
The fix for this vulnerability will be contained in the 6.2.0.3-TIV-ITDS-IF0002 maintenance package for TDS v6.2.
Related Information
[{"Product":{"code":"SSTNLG","label":"WebSphere Business Events"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Usability","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.1.1;7.0.1;7.0","Edition":"All Editions","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
25 September 2022
UID
swg21474188