IBM Sterling External Authentication Server Local Arbitrary Command Execution Vulnerability

IBM Sterling External Authentication Server is prone to a local arbitrary command-execution vulnerability.

Local attackers can exploit this issue to execute arbitrary commands with the privileges of the administrator user. This may facilitate a complete compromise of an affected application.

The following versions are affected:

IBM Sterling External Authentication Server 2.4.1
IBM Sterling External Authentication Server 2.4.0
IBM Sterling External Authentication Server 2.3.01
IBM Sterling External Authentication Server 2.2.0


 

Privacy Statement
Copyright 2010, SecurityFocus