This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
An access and authorization control management system, installed on
the remote host is affected by multiple vulnerabilities.
According to its self-reported version, the install of the IBM Tivoli
Access Manager for e-Business WebSEAL component is affected by the
following vulnerabilities :
- An input validation error exists that could allow
directory traversal attacks having an unspecified
impact. (CVE-2010-4622, CVE-2011-0494)
- An error exists related to 'shift-reload' actions that
could allow an authenticated attacker to cause denial
of service conditions. Note that only the 6.1.1.x
branch is affected by this issue. (CVE-2010-4623)
See also :
Apply the interim fix 126.96.36.199-TIV-AWS-IF0040 / 188.8.131.52-TIV-AWS-IF0026
/ 184.108.40.206-TIV-AWS-IF0006 or later. Or apply the fixpack
6.1.1-TIV-AWS-FP0001 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true