RSS   Vulnerabilities for 'Pssecure'   RSS

2005-04-20
 
CVE-2005-1244

 

 
** DISPUTED ** Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this issue, saying that "neither NetIQ Security Manager nor our iSeries Security Solutions are vulnerable."

 

 >>> Vendor: Netiq 15 Products
Edirectory
Imanager
Pssecure
Identity manager
Access manager
Security manager
Sentinel
Privileged user manager
Sentinel agent manager
Security solutions for iseries
Self service password reset
Access governance suite
Sentinel server
Privileged account manager
Identity reporting


Copyright 2024, cxsecurity.com

 

Back to Top