IBM Support

IBM Tivoli Monitoring Basic Services Vulnerability (IV87524)

Download


Abstract

This fix addresses a security vulnerability in which the Firewall (Proxy) Gateway was vulnerable to possible host header injection attack.

Download Description

The following patches have been provided to address the security vulnerability listed in the IBM Tivoli Monitoring Security Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21997223

VRMFFix
6.3.06.3.0-TIV-ITM-FP0007-IV87524
6.2.36.2.3-TIV-ITM-FP0005-IV87524
6.2.26.2.2-TIV-ITM-FP0009-IV87524

Prerequisites

The prerequisite level for this fix is as follows:
IBM Tivoli Monitoring, version 6.3.0 Fix Pack 4 (6.3.0-TIV-ITM-FP0007)
- OR -
IBM Tivoli Monitoring, version 6.2.3 Fix Pack 5 (6.2.3-TIV-ITM-FP0005)
- OR -
IBM Tivoli Monitoring, version 6.2.2 Fix Pack 9 (6.2.2-TIV-ITM-FP0009)

[{"PRLabel":"6.3.0-TIV-ITM-FP0007","PRLang":"English","PRSize":"1","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/IBM+Tivoli+Monitoring&platform=All&release=6.3.0&function=fixId&fixids=6.3.0-TIV-ITM-FP0007"},{"PRLabel":"6.2.3-TIV-ITM-FP0005","PRLang":"English","PRSize":"1","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/IBM+Tivoli+Monitoring&platform=All&release=6.2.3&function=fixId&fixids=6.2.3-TIV-ITM-FP0005"},{"PRLabel":"6.2.2-TIV-ITM-FP0009","PRLang":"English","PRSize":"1","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/IBM+Tivoli+Monitoring&platform=All&release=6.2.2&function=fixId&fixids=6.2.2-TIV-ITM-FP0009"}]

Installation Instructions

Refer to the README file located in Fix Central for additional information.

Change History

2017-03-06: Document published.
Apr 11 2018 Updated to address patch install issue with Linux on Power little endian (lpl266)

On
[{"DNLabel":"6.3.0-TIV-ITM-FP0007-IV87524","DNDate":"1 Mar 2017","DNLang":"English","DNSize":"1","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/IBM+Tivoli+Monitoring&platform=All&release=6.3.0.7&function=fixId&fixids=6.3.0-TIV-ITM-FP0007-IV87524","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.2.3-TIV-ITM-FP0005-IV87524","DNDate":"6 Mar 2017","DNLang":"English","DNSize":"1","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/IBM+Tivoli+Monitoring&platform=All&release=6.2.3.5&function=fixId&fixids=6.2.3-TIV-ITM-FP0005-IV87524","DNURL_FTP":" ","DDURL":null},{"DNLabel":"6.2.2-TIV-ITM-FP0009-IV87524","DNDate":"6 Mar 2017","DNLang":"English","DNSize":"1","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/IBM+Tivoli+Monitoring&platform=All&release=6.2.2.9&function=fixId&fixids=6.2.2-TIV-ITM-FP0009-IV87524","DNURL_FTP":" ","DDURL":null}]
[{"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Not Applicable","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"6.3.0;6.2.3;6.2.2","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Product Synonym

ITM

Document Information

Modified date:
15 June 2018

UID

swg24043383