Test Kennung:	1.3.6.1.4.1.25623.1.0.800193
Kategorie:	Default Accounts
Titel:	IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability (HTTP)
Zusammenfassung:	The Apache Tomcat server in IBM Rational Quality Manager / IBM; Rational Test Lab Manager has a default password for the ADMIN account.
Beschreibung:	Summary: The Apache Tomcat server in IBM Rational Quality Manager / IBM Rational Test Lab Manager has a default password for the ADMIN account. Vulnerability Insight: The flaw exists within the installation of the bundled Tomcat server. The default ADMIN account is improperly disabled within 'tomcat-users.xml' with default password. A remote attacker can use this vulnerability to execute arbitrary code under the context of the Tomcat server. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code in the context of an affected application. Affected Software/OS: Versions prior to IBM Rational Quality Manager and IBM Test Lab Manager 7.9.0.3 build:1046. Solution: Update to version 7.9.0.3 build 1046 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4094 BugTraq ID: 44172 http://www.securityfocus.com/bid/44172 http://download4.boulder.ibm.com/sar/CMA/RAA/013m6/0/UpdateLog.txt http://www.zerodayinitiative.com/advisories/ZDI-10-214/ http://osvdb.org/69008 http://securitytracker.com/id?1024601 http://secunia.com/advisories/41784 http://www.vupen.com/english/advisories/2010/2732
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.