A vulnerability has been discovered in the Tivoli Firewall Toolbox version 1.2 that can lead to remote unauthorized compromise of the environment within the firewall system.
A buffer overflow vulnerability in the communications layer of the Tivoli Firewall Toolbox has been discovered. The IBM Tivoli Firewall Toolbox, according to the IBM statement, provides the underlying communication for the framework-based applications within a firewalled environment. This is an optional component, and not part of the base installation for IBM Tivoli Management Environment.
A remote unauthenticated attacker may be able to execute arbitrary code on the system running the Tivoli Firewall Toolbox. The Tivoli Firewall Toolbox typically runs as user nobody, but may be configured to run as another user.
This issue has been addressed in version 1.3 of the Tivoli Firewall Toolbox.
According to IBM's statement, downloads of version 1.3 of the IBM Tivoli Firewall Toolbox can be found at:
Thanks to Ubizen for discovering this vulnerability and to IBM Tivoli Systems for reporting this vulnerability.
This document was written by Jason A Rafail.
Date First Published: 2003-03-19
Date Last Updated: 2003-03-19 21:39 UTC