The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30157
http://www.vupen.com/english/advisories/2006/4419
http://www.securityfocus.com/bid/20981
http://sourceforge.net/project/shownotes.php?release_id=461942