CVE

Id
48401  
CVE No.
CVE-2011-0489  
Status
Candidate  
Description
The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, obtain sensitive information, or cause a denial of service by sending requests over TCP to (1) the Lock Server or (2) the Advanced Multithreaded Server, as demonstrated by commands that are ordinarily sent by the (a) ookillls and (b) oostopams applications. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20110118)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
525640 48401 CVE-2011-0489 EXPLOIT-DB:15988  View
525641 48401 CVE-2011-0489 URL:http://www.exploit-db.com/exploits/15988  View
525642 48401 CVE-2011-0489 CERT-VN:VU#782567  View
525643 48401 CVE-2011-0489 URL:http://www.kb.cert.org/vuls/id/782567  View
525644 48401 CVE-2011-0489 BID:45803  View
525645 48401 CVE-2011-0489 URL:http://www.securityfocus.com/bid/45803  View
525646 48401 CVE-2011-0489 OSVDB:70424  View
525647 48401 CVE-2011-0489 URL:http://osvdb.org/70424  View
525648 48401 CVE-2011-0489 SECUNIA:42901  View
525649 48401 CVE-2011-0489 URL:http://secunia.com/advisories/42901  View
525650 48401 CVE-2011-0489 VUPEN:ADV-2011-0127  View
525651 48401 CVE-2011-0489 URL:http://www.vupen.com/english/advisories/2011/0127  View
525652 48401 CVE-2011-0489 XF:objectivity-operations-sec-bypass(64699)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
33896 JVNDB-2011-004138 IBM Tivoli Access Manager for e-business の WebSEAL におけるディレクトリトラバーサルの脆弱性 IBM Tivoli Access Manager for e-business のWebSEALには、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2011-0494 48401 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004138.html  View