IBM FileNet Content Manager Lets Remote Users Hijack Accounts in Certain Cases - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > IBM FileNet Content Manager

IBM FileNet Content Manager Lets Remote Users Hijack Accounts in Certain Cases

SecurityTracker Alert ID: 1022338

SecurityTracker URL: http://securitytracker.com/id/1022338

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Jun 5 2009

Impact: User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 4.0, 4.0.1, 4.5

Description: A vulnerability was reported in IBM FileNet Content Manager. A remote user can hijack a target user's account in certain cases.

A remote user can exploit a flaw in the caching of credentials to assume the identity of the target user.

Systems where the CE Web Services listener is configured to use Extensible Authentication Framework (WSEAF) and the WSEAF configuration is using SOAP Security elements other than UsernameToken or BinarySecurityToken are affected.

Impact: A remote user can assume the identity of the target user.

Solution: The vendor has issued a fix.

For WebLogic Application Server:

P8 CE 4.0.0 Upgrade to P8 CE 4.0.1 and apply the appropriate Fix Pack.
P8 CE 4.0.1 This issue will be addressed in P8 CE 4.0.1 Fix Pack 10, which is scheduled for release in June 2009.
P8 CE 4.5.0 Upgrade to P8 CE 4.5.1. This issue will be addressed in P8 CE 4.5.1 GA, which is scheduled for release in August 2009.

For WebSphere Application Server:

P8 CE 4.0.0 Upgrade to P8 CE 4.0.1 and apply the appropriate Fix Pack.
P8 CE 4.0.1 This issue has been fixed in P8 CE 4.0.1 Fix Pack 8, which was released in February 2009.
P8 CE 4.5.0 This issue has been fixed in P8 CE 4.5.0 Fix Pack 2, which was released in May 2009.

The vendor's advisory is available at:

http://www-01.ibm.com/support/docview.wss?uid=swg21389281

Vendor URL: www-01.ibm.com/support/docview.wss?uid=swg21389281 (Links to External Site)

Cause: Authentication error

Underlying OS: Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)

Message History: None.

Source Message Contents

Date: Fri, 5 Jun 2009 12:38:14 -0400
Subject: IBM FileNet Content Manager authentication vulnerability with Web Services Extensible Authentication Framework (WSEAF)


http://www-01.ibm.com/support/docview.wss?uid=swg21389281

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC