IBM Netezza WebAdmin Multiple Security Vulnerabilities

IBM Netezza WebAdmin is prone to following security vulnerabilities:

1. An SQL-injection vulnerability
2. A cross-site scripting vulnerability
3. An information-disclosure vulnerability
4. A security-bypass vulnerability
5. A spoofing Vulnerability
6. An authentication-bypass vulnerability

Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions to obtain sensitive information or perform unauthorized actions, gain administrative access, mislead a user to believe that they are viewing a legitimate site, or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.


Privacy Statement
Copyright 2010, SecurityFocus