SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  IBM Tivoli Configuration Manager Vendors:  IBM
IBM Tivoli Configuration Manager Cookie Authentication Weakness May Let Remote Users Hijack Sessions
SecurityTracker Alert ID:  1010378
SecurityTracker URL:  http://securitytracker.com/id?1010378
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jun 3 2004
Impact:  User access via network
Fix Available:  Yes   Exploit Included:  Yes   Vendor Confirmed:  Yes  
Version(s): IBM Tivoli Configuration Manager version 4.2; IBM Tivoli Configuration Manager for Automated Teller Machines version 2.1.0
Description:  A vulnerability was reported in IBM Tivoli Configuration Manager. A remote user may be able to hijack a user session.

IBM reported that a remote user can supply a specially crafted (or stolen) cookie to impersonate a valid authenticated target user and hijack the target user's session.

The remote user can gain access to resources and data on the target system and may be able to gain control of the compromised application, the report said.

The vulnerability relates to the use of cookies to maintain session status.
Impact:  A remote user may be able to hijack a target user's session.
Solution:  The vendor has released a fix, available at:

http://www.ibm.com/support/docview.wss?uid=swg21169105
Vendor URL:  www.ibm.com/support/docview.wss?uid=swg21168762 (Links to External Site)
Cause:  Authentication error
Underlying OS:  UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.

 Source Message Contents
Date:  Thu, 03 Jun 2004 08:34:39 -0400
Subject:  http://www-1.ibm.com/support/docview.wss?uid=swg21168762

 

http://www-1.ibm.com/support/docview.wss?uid=swg21168762

 > Potential Credential Impersonation Attack

 > IBM has determined that multiple IBM products can be affected by a form of credential
 > impersonation exploit that would allow an attacker to gain access to resources and data,
 > or gain control of the compromised application.

The vulnerability relates to the use of cookies to maintain session status.

The following products are affected:

· Tivoli SecureWay Policy Director version 3.8
· IBM Tivoli Access Manager for e-business version 3.9, 4.1, and 5.1
· IBM Tivoli Access Manager Identity Manager Solution version 5.1
· IBM Tivoli Configuration Manager version 4.2
· IBM Tivoli Configuration Manager for Automated Teller Machines version 2.1.0
· IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms version 
2.1.3, 2.14, and 2.15


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2004, SecurityGlobal.net LLC