Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1239

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2000-1239
Last Modified 05 Sep 2008 04:23:00
Published 31 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2000-1239

Summary

The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.

Vulnerable Systems

Application

  • Ibm Tivoli Management Framework 3.7.1


References

XF - tivoli-lcf-file-read(3927)

BID - 17085


Last Updated: 27 May 2016 10:36:05