SecurityTracker.com
SecurityTracker Archives

Category:   Application (Security)  >   IBM Security Access Manager
Vendors:   IBM
IBM Tivoli Access Manager Cookie Authentication Weakness May Let Remote Users Hijack Sessions
SecurityTracker Alert ID:  1010379
SecurityTracker URL:  http://securitytracker.com/id/1010379
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jun 3 2004
Impact:   User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): IBM Tivoli Access Manager for e-business version 3.9, 4.1, and 5.1; IBM Tivoli Access Manager Identity Manager Solution version 5.1
Description:   A vulnerability was reported in IBM Tivoli Access Manager. A remote user may be able to hijack a user session.

IBM reported that a remote user can supply a specially crafted (or stolen) cookie to impersonate a valid authenticated target user and hijack the target user's session.

The remote user can gain access to resources and data on the target system and may be able to gain control of the compromised application, the report said.

The vulnerability relates to the use of cookies to maintain session status.
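The advisory does not describe how the affected cookie is built, so the following is an added illustration of the weakness class, not WebSEAL's or the plug-in's actual cookie format or IBM's fix. It contrasts a cookie that carries the identity itself (so a remote user can craft one for any target user) with a cookie that is an opaque random identifier, HMAC-signed with a server-side key, looked up in server-side state, time-limited, and revocable on logout; the key, TTL and usernames are constructed test values.

```python
"""Forgeable session cookie vs. hardened session cookie (added example,
not code from IBM or SecurityTracker). The weak pattern lets a client
impersonate any user by crafting the cookie; the hardened pattern rejects
crafted or altered cookies and limits the value of a stolen one."""
import base64
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional, Tuple


# --- Weak pattern: the cookie states who the user is, and the server believes it ---

def weak_issue(username: str) -> str:
    """Encode the identity directly into the cookie: no secret, no integrity check."""
    return base64.urlsafe_b64encode(username.encode()).decode()


def weak_authenticate(cookie: str) -> Optional[str]:
    """Trust whatever identity the cookie claims. An attacker who knows the
    encoding can mint a cookie for any target user without ever logging in."""
    try:
        return base64.urlsafe_b64decode(cookie.encode()).decode()
    except Exception:
        return None


# --- Hardened pattern: random opaque id + HMAC tag, server-side state, expiry, revocation ---

class SessionStore:
    def __init__(self, key: bytes, ttl_seconds: int = 900, now=time.time):
        self._key = key                  # server-side secret; never sent to the client
        self._ttl = ttl_seconds
        self._now = now                  # injectable clock so expiry can be exercised
        self._sessions: Dict[str, Tuple[str, float]] = {}  # id -> (username, expires_at)

    def _sign(self, session_id: str) -> str:
        return hmac.new(self._key, session_id.encode(), hashlib.sha256).hexdigest()

    def issue(self, username: str) -> str:
        """Create a session after the user has authenticated by other means."""
        session_id = secrets.token_urlsafe(32)   # 256 bits of randomness, unguessable
        self._sessions[session_id] = (username, self._now() + self._ttl)
        return f"{session_id}.{self._sign(session_id)}"

    def authenticate(self, cookie: str) -> Optional[str]:
        """Return the username only if the cookie is well-formed, untampered,
        still present in server-side state, and not expired."""
        if cookie.count(".") != 1:
            return None
        session_id, tag = cookie.split(".")
        if not hmac.compare_digest(tag, self._sign(session_id)):
            return None                          # crafted or altered cookie
        entry = self._sessions.get(session_id)
        if entry is None:
            return None                          # unknown or revoked session
        username, expires_at = entry
        if self._now() >= expires_at:
            del self._sessions[session_id]       # stolen cookie is worthless after TTL
            return None
        return username

    def revoke(self, cookie: str) -> None:
        """Logout: drop the server-side entry so a copied cookie stops working."""
        self._sessions.pop(cookie.split(".", 1)[0], None)


def set_cookie_header(name: str, value: str, ttl_seconds: int) -> str:
    """Set-Cookie attributes that reduce theft over the network or via script."""
    return (f"{name}={value}; Max-Age={ttl_seconds}; Path=/; "
            "Secure; HttpOnly; SameSite=Strict")


if __name__ == "__main__":
    # Constructed demonstration values.
    print("weak, crafted for admin ->", weak_authenticate(weak_issue("admin")))
    store = SessionStore(key=secrets.token_bytes(32), ttl_seconds=900)
    cookie = store.issue("alice")
    print("hardened, genuine      ->", store.authenticate(cookie))
    print("hardened, crafted      ->", store.authenticate(weak_issue("admin")))
    print(set_cookie_header("SESSION", cookie, 900))
```

The hardened store does not prevent replay of a cookie that was genuinely stolen within its lifetime; it only bounds that window (TTL, revocation on logout) and narrows the ways to steal it (Secure, HttpOnly, SameSite). Binding the session to further client properties, if the deployment allows it, is the next step.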

Impact:   A remote user may be able to hijack a target user's session.
Solution:   The vendor has released the following fixes:

IBM Tivoli Access Manager for e-business 3.9 (WebSEAL):

http://www.ibm.com/support/docview.wss?uid=swg24006460

IBM Tivoli Access Manager for e-business 3.9 (Web Server Plug-in):

http://www.ibm.com/support/docview.wss?uid=swg24006535

IBM Tivoli Access Manager for e-business 4.1 (WebSEAL):

http://www.ibm.com/support/docview.wss?uid=swg24006273

IBM Tivoli Access Manager for e-business 4.1 (Web Server Plug-in):

http://www.ibm.com/support/docview.wss?uid=swg24006534

IBM Tivoli Access Manager for e-business 5.1 (WebSEAL):

http://www.ibm.com/support/docview.wss?uid=swg24006477

IBM Tivoli Access Manager for e-business 5.1 (Web Server Plug-in):

http://www.ibm.com/support/docview.wss?uid=swg24006533

IBM Tivoli Access Manager Identity Manager Solution 5.1 (WebSEAL or Web Server Plug-in):

http://www.ibm.com/support/docview.wss?uid=swg24006477
http://www-1.ibm.com/support/docview.wss?uid=swg24006533

Vendor URL:  www.ibm.com/support/docview.wss?uid=swg21168762
Cause:   Authentication error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.


 Source Message Contents

Subject:  http://www-1.ibm.com/support/docview.wss?uid=swg21168762


http://www-1.ibm.com/support/docview.wss?uid=swg21168762

 > Potential Credential Impersonation Attack

 > IBM has determined that multiple IBM products can be affected by a form of credential
 > impersonation exploit that would allow an attacker to gain access to resources and data,
 > or gain control of the compromised application.

The vulnerability relates to the use of cookies to maintain session status.

The following products are affected:

2.1.3, 2.14, and 2.15


 
 



Copyright 2021, SecurityGlobal.net LLC