Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1592

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-1592
Last Modified 07 Mar 2011 10:07:19
Published 31 Mar 2008 07:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1592

Summary

MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels."

Vulnerable Systems

Application

  • Ibm Websphere Mq 5.1

  • Ibm Websphere Mq 5.3

  • Ibm Websphere Mq 5.3.1


References

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21297035

VUPEN - ADV-2008-0869

BID - 28235

SECTRACK - 1019610

SECUNIA - 29360


Last Updated: 27 May 2016 10:47:36