Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.800193
Categoría:Default Accounts
Título:IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability
Resumen:The host is running Tomcat server in IBM Rational Quality Manager/; IBM Rational Test Lab Manager has a default password for the ADMIN account.
Descripción:Summary:
The host is running Tomcat server in IBM Rational Quality Manager/
IBM Rational Test Lab Manager has a default password for the ADMIN account.

Vulnerability Insight:
The flaw exists within the installation of the bundled Tomcat server.
The default ADMIN account is improperly disabled within 'tomcat-users.xml'
with default password. A remote attacker can use this vulnerability to
execute arbitrary code under the context of the Tomcat server.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code in
the context of an affected application.

Affected Software/OS:
Versions prior to IBM Rational Quality Manager and IBM Test Lab
Manager 7.9.0.3 build:1046.

Solution:
Upgrade to version 7.9.0.3 build 1046 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: BugTraq ID: 44172
Common Vulnerability Exposure (CVE) ID: CVE-2010-4094
http://www.securityfocus.com/bid/44172
http://download4.boulder.ibm.com/sar/CMA/RAA/013m6/0/UpdateLog.txt
http://www.zerodayinitiative.com/advisories/ZDI-10-214/
http://osvdb.org/69008
http://securitytracker.com/id?1024601
http://secunia.com/advisories/41784
http://www.vupen.com/english/advisories/2010/2732
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.