The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of IBM Tivoli Directory Server

vulnerability CVE-2017-1503

WebSphere AS: read-write access via Edge Caching Proxy

Synthesis of the vulnerability

An attacker can bypass access restrictions via the Edge Caching Proxy of WebSphere AS, in order to read or alter data.
Impacted products: Security Directory Server, Tivoli Directory Server, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: document.
Creation date: 09/10/2017.
Identifiers: 2006815, 2009501, 2010467, 2010701, CVE-2017-1503, VIGILANCE-VUL-24060.

Description of the vulnerability

An attacker can bypass access restrictions via the Edge Caching Proxy of WebSphere AS, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-1382

WebSphere AS: read-write access

Synthesis of the vulnerability

An attacker can bypass access restrictions of WebSphere AS, in order to read or alter data.
Impacted products: Security Directory Server, Tivoli Directory Server, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, IBM WebSphere ESB.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: user shell.
Creation date: 21/07/2017.
Identifiers: 2004785, 2006348, 2006516, 2009026, 2009072, 2009082, 2009087, 2009089, 2009090, 7036319, 7048591, CVE-2017-1382, VIGILANCE-VUL-23310.

Description of the vulnerability

An attacker can bypass access restrictions of WebSphere AS, in order to read or alter data.

computer vulnerability CVE-2017-1381

WebSphere AS: information disclosure via Proxy Server / ODR

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via the Proxy Server / ODR of WebSphere Application Server, in order to obtain sensitive information.
Impacted products: Security Directory Server, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, IBM WebSphere ESB.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 19/07/2017.
Identifiers: 2004792, 2006343, 2006905, 2009023, 2009072, 2009082, 2009087, 2009089, 2009090, 2009348, 7048591, CVE-2017-1381, VIGILANCE-VUL-23275.

Description of the vulnerability

An attacker can bypass access restrictions to data via the Proxy Server / ODR of WebSphere Application Server, in order to obtain sensitive information.

vulnerability note CVE-2017-1137

WebSphere AS: privilege escalation via Administrative Console

Synthesis of the vulnerability

An attacker can bypass restrictions via the Administrative Console of WebSphere AS, in order to escalate his privileges.
Impacted products: Security Directory Server, Tivoli Directory Server, WebSphere AS Traditional.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: document.
Creation date: 04/05/2017.
Identifiers: 1998469, 2008899, 7036319, CVE-2017-1137, VIGILANCE-VUL-22644.

Description of the vulnerability

An attacker can bypass restrictions via the Administrative Console of WebSphere AS, in order to escalate his privileges.

computer vulnerability announcement CVE-2016-8934

WebSphere AS: Cross Site Scripting via Admin Console

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting attack via the Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site.
Impacted products: Tivoli Directory Server, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 07/12/2016.
Identifiers: 1992315, 1996037, 1996038, 1996145, 1996238, 7014463, 7036319, CVE-2016-8934, VIGILANCE-VUL-21297.

Description of the vulnerability

The WebSphere AS product offers a web service.

However, it does not sanitize data received via the Admin Console before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting attack via the Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site.

computer vulnerability alert CVE-2016-5983

IBM WebSphere Application Server: code execution via serialized objects

Synthesis of the vulnerability

An attacker can exploit a vulnerability in the handling of serialized objects by IBM WebSphere Application Server, in order to run code.
Impacted products: Security Directory Server, Tivoli Directory Server, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: internet client.
Creation date: 23/09/2016.
Identifiers: 1990060, 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991898, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1995390, 1999671, 2000095, 2000544, 2002049, 2002050, 7014463, 7048591, CVE-2016-5983, VIGILANCE-VUL-20686.

Description of the vulnerability

The IBM WebSphere Application Server runs on a Java virtual machine.

It can load serialized objects from external sources. However, it likely does not restrict which classes are loaded when an object is deserialized.

An attacker can therefore send crafted serialized objects to IBM WebSphere Application Server, in order to run code.

computer vulnerability CVE-2016-5986

WebSphere AS: information disclosure via Server Identification

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Server Identification of WebSphere AS, in order to obtain sensitive information.
Impacted products: Security Directory Server, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, WebSphere AS Traditional, IBM WebSphere ESB.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 16/09/2016.
Identifiers: 1990056, 1990724, 1991900, 1991987, 1995793, 2002049, 2002050, 7014463, CVE-2016-5986, VIGILANCE-VUL-20625.

Description of the vulnerability

An attacker can bypass access restrictions to data via Server Identification of WebSphere AS, in order to obtain sensitive information.

vulnerability bulletin CVE-2016-2183 CVE-2016-6329

Blowfish, Triple-DES: algorithms too weak, SWEET32

Synthesis of the vulnerability

An attacker can create a TLS/VPN session with a Blowfish/Triple-DES algorithm, and perform a two-day attack, in order to decrypt data.
Impacted products: Avaya Ethernet Routing Switch, Blue Coat CAS, ProxySG by Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco Aironet, Cisco ATA, Cisco AnyConnect Secure Mobility Client, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Debian, Avamar, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiGate, FortiGate Virtual Appliance, FortiOS, FreeRADIUS, hMailServer, HPE BSM, LoadRunner, HP Operations, Performance Center, Real User Monitoring, SiteScope, HP Switch, HP-UX, AIX, DB2 UDB, Informix Server, IRAD, Security Directory Server, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, WebSphere MQ, Junos Space, McAfee Email Gateway, ePO, Data ONTAP, Snap Creator Framework, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Oracle DB, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Solaris, Tuxedo, Oracle Virtual Directory, WebLogic, Oracle Web Tier, SSL protocol, Pulse Connect Secure, Pulse Secure Client, Pulse Secure SBR, RHEL, JBoss EAP by Red Hat, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Nessus, Ubuntu, WinSCP.
Severity: 1/4.
Consequences: data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 25/08/2016.
Identifiers: 1610582, 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1994375, 1995099, 1995922, 1998797, 1999054, 1999421, 2000209, 2000212, 2000370, 2000544, 2001608, 2002021, 2002335, 2002336, 2002479, 2002537, 2002870, 2002897, 2002991, 2003145, 2003480, 2003620, 2003673, 2004036, 2008828, 523628, 9010102, bulletinapr2017, c05349499, c05369403, c05369415, c05390849, CERTFR-2017-AVI-012, CERTFR-2019-AVI-049, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpujul2017, cpuoct2017, CVE-2016-2183, CVE-2016-6329, DSA-2018-124, DSA-3673-1, DSA-3673-2, FEDORA-2016-7810e24465, FEDORA-2016-dc2cb4ad6b, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FG-IR-17-173, HPESBGN03697, HPESBGN03765, HPESBUX03725, HPSBGN03690, HPSBGN03694, HPSBHF03674, ibm10718843, java_jan2017_advisory, JSA10770, KM03060544, NTAP-20160915-0001, openSUSE-SU-2016:2199-1, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2017:1638-1, openSUSE-SU-2018:0458-1, RHSA-2017:0336-01, RHSA-2017:0337-01, RHSA-2017:0338-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3239-01, RHSA-2017:3240-01, RHSA-2018:2123-01, SA133, SA40312, SB10171, SB10186, SB10197, SB10215, SOL13167034, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, SSA:2016-363-01, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2017:1444-1, SUSE-SU-2017:2838-1, SUSE-SU-2017:3177-1, SWEET32, TNS-2016-16, USN-3087-1, USN-3087-2, USN-3270-1, USN-3339-1, USN-3339-2, USN-3372-1, VIGILANCE-VUL-20473.

Description of the vulnerability

The Blowfish and Triple-DES symmetric encryption algorithms use 64-bit blocks.

However, if they are used in CBC mode, a block collision becomes likely after 785 GB of data have been transferred, and it is then possible to decrypt blocks with an attack lasting two days.

An attacker can therefore create a TLS/VPN session with a Blowfish/Triple-DES algorithm, and perform a two-day attack, in order to decrypt data.

computer vulnerability bulletin CVE-2015-1977

IBM Tivoli/Security Directory Server: directory traversal

Synthesis of the vulnerability

An attacker can traverse directories of IBM Tivoli/Security Directory Server, in order to read a file outside the service root path.
Impacted products: Security Directory Server, Tivoli Directory Server.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 12/07/2016.
Identifiers: 1986452, CVE-2015-1977, VIGILANCE-VUL-20068.

Description of the vulnerability

The IBM Tivoli/Security Directory Server product offers a web service.

However, user-supplied data is inserted directly into a file path. Sequences such as "/.." can thus be used to move up to the parent directory.

An attacker can therefore traverse directories of IBM Tivoli/Security Directory Server, in order to read a file outside the service root path.

vulnerability bulletin CVE-2015-5174

Apache Tomcat: directory traversal of ServletContext

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application to the service, can traverse directories in the ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Impacted products: Tomcat, Debian, BIG-IP Hardware, TMOS, HP-UX, QRadar SIEM, Tivoli Directory Server, Junos Space, Snap Creator Framework, openSUSE Leap, Oracle Communications, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 22/02/2016.
Identifiers: 1980693, 1981632, 1983989, bulletinjan2016, c05054964, c05150442, cpujul2018, CVE-2015-5174, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, JSA10838, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1432-01, RHSA-2016:1433-01, RHSA-2016:1434-01, RHSA-2016:1435-01, RHSA-2016:2045-01, RHSA-2016:2599-02, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18993.

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source under a Security Manager.

However, the getResource(), getResourceAsStream() and getResourcePaths() methods of ServletContext insert the web application's data directly into a file path. Sequences such as "/.." can thus be used by the web application to move up to the parent directory.

An attacker, who is allowed to upload a malicious web application to the service, can therefore traverse directories in the ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.