CVE-2015-1895

IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on client-side code to verify authorization, which allows remote attackers to bypass intended access restrictions by modifying the client behavior...

CVE-2015-1895

CVE-2015-1895 affects IBM InfoSphere Optim Workload Replay. The IBM bulletin confirms a vulnerability where “2.x before 2.1.0.3 relies on client-side code to verify authorization,” enabling a remote attacker to bypass authorization checks and gain unauthorized access to user actions. Affected ver...

CVE-2015-1894

CVE-2015-1894 affects IBM InfoSphere Optim Workload Replay. The IBM advisory identifies a cross-site request forgery due to improper validation of user input that could let an attacker hijack an authenticated user’s session to perform actions, potentially enabling cross-site scripting through cra...

IBM Optim Workload Replay Security Bypass Vulnerability

IBM InfoSphere Optim Workload Replay is an IBM solution for replaying real database production activities and providing reports on the impact of changes and identifying problems quickly. A security vulnerability exists in IBM Optim Workload Replay. The vulnerability allows an attacker to bypass...

IBM InfoSphere Optim Workload Replay Cross-Site Request Forgery Vulnerability

IBM InfoSphere Optim Workload Replay is an IBM solution for replaying real database production activities and providing reports on the impact of changes and identifying problems quickly. A cross-site request forgery vulnerability exists in IBM InfoSphere Optim Workload Replay that allows remote...

How to Simulate Veeam Backup & Replication Disk I/O

Purpose This article provides examples of using common workload simulators diskspd and fio to simulate Veeam Backup & Replication disk I/O. Do Not Send Test Output Files to Veeam Support The write test output files testfile.dat do not contain diagnostic data. As such, please do not attach them to...

Debian Security Advisory DSA 3149-1 (condor - security update)

Florian Weimer, of Red Hat Product Security, discovered an issue in condor, a distributed workload management system. Upon job completion, it can optionally notify a user by sending an email; the mailx invocation used in that process allowed for any authenticated user able to submit jobs, to...

DSA-3149-1 condor - security update

Bulletin has no description...

Important: Red Hat Security Advisory: condor security update

Updated condor packages that fix one security issue are now available for Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVE-2014-6158

Multiple directory traversal vulnerabilities in the file-upload feature in IBM PureApplication System 1.0 before 1.0.0.4 iFix 10, 1.1 before 1.1.0.5, and 2.0 before 2.0.0.1 and Workload Deployer 3.1.0.7 before IF5 allow remote authenticated users to execute arbitrary code via a 1 Script Package, ...

Directory traversal

Multiple directory traversal vulnerabilities in the file-upload feature in IBM PureApplication System 1.0 before 1.0.0.4 iFix 10, 1.1 before 1.1.0.5, and 2.0 before 2.0.0.1 and Workload Deployer 3.1.0.7 before IF5 allow remote authenticated users to execute arbitrary code via a 1 Script Package, ...

CVE-2014-6158

Multiple directory traversal vulnerabilities in the file-upload feature in IBM PureApplication System 1.0 before 1.0.0.4 iFix 10, 1.1 before 1.1.0.5, and 2.0 before 2.0.0.1 and Workload Deployer 3.1.0.7 before IF5 allow remote authenticated users to execute arbitrary code via a 1 Script Package, ...

CVE-2014-5393 Path Traversal to Sensitive Files in Webroot in "JobScheduler"

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-5393 =================== "Path Traversal to Sensitive Files in Webroot" CWE-219 vulnerability in "JobScheduler" product Vendor =================== Software- & Organisations-Service GmbH Product =================== "JobScheduler is a workload...

Moab Authentication Bypass [CVE-2014-5300]

Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computing Vendor Response: Resolved in Moa...

Moab User Impersonation

Moab User Impersonation : CVE-2014-5375 Software: Moab Affected Versions: All current versions of Moab. However, the impact is limited in Moab 7.2.9 and Moab 8. CVE Reference: CVE-2014-5375 Author: John Fitzpatrick, Luke Jennings MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendo...

Moab Workload Manage 7.2.9 / 8 User Impersonation Vulnerability

Moab versions prior to 7.2.9 and 8 suffer from a user impersonation vulnerability. Moab User Impersonation : CVE-2014-5375 Software: Moab Affected Versions: All current versions of Moab. However, the impact is limited in Moab 7.2.9 and Moab 8. CVE Reference: CVE-2014-5375 Author: John Fitzpatrick...

Moab Workload Manage 7.2.9 / 8 Dynamic Configuration Authentication Bypass Vulnerability

Moab versions prior to 7.2.9 and 8 suffer from a dynamic reconfiguration authentication bypass issue that allows for remote code execution. Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author:...

RHEL 6 : condor (RHSA-2012:1169)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1169 advisory. Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority schem...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM InfoSphere Optim Workload Replay 1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2014-0899

ftpd in IBM AIX 7.1.1 before SP10 and 7.1.2 before SP5, when a Workload Partition aka WPAR for AIX 5.2 or 5.3 is used, allows remote authenticated users to bypass intended permission settings and modify arbitrary files via FTP commands...