Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1378

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2011-1378
Last Modified 17 Jan 2012 12:00:00
Published 25 Nov 2011 10:57:45
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1378

Summary

IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File (UAF) data, which allows local users to kill listener processes and the command server via a control command.

Vulnerable Systems

Application

  • Ibm Websphere Mq 6.0


References

XF - wmq-cc-security-bypass(71336)

AIXAPAR - IC78034

SECUNIA - 46837


Last Updated: 27 May 2016 10:56:18