Security Bulletin: Vulnerability in Rational License Key Server affecting both the license server, lmgrd, and the vendor daemon, ibmratl (CVE-2011-1389)

Summary meta http-equiv="Refresh" CONTENT="0; URL=http://www.ibm.com/support/docview.wss?uid=swg21622287" Security Bulletin: Rational License Key Server vulnerability CVE-2011-1389, CVE-2011-4135 Vulnerability Details Click browser refresh button to be redirected to Security Bulletin: IBM Rationa...

Directory traversal

Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server RLKS 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related t...

CVE-2011-1389

CVE-2011-1389 affects IBM Rational License Key Server (RLKS) 8.0–8.1.x and related Telelogic/Rational license servers. The vendor daemon (ibmratl) and lmgrd contain directory traversal and file-rename/load bugs that enable remote code execution via log file operations. Connected sources also refe...

CVE-2011-4135

CVE-2011-4135 affects Flexera FlexNet Publisher 11.10 lmgrd (FlexNet License Server Manager). The vulnerability stems from directory traversal and related file-rename/load issues on log files, allowing remote attackers to execute arbitrary code via those vectors. CVSSv2 base score 10.0 (HIGH) wit...

KLA10163 ACE vulnerability in FlexNet Publishier

Multiple critical vulnerabilities have been found in FlexNet Publisher. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. A buffer overflow can be exploited remotely via a specially designed packet. 2. Directory traversal...