Rational Software Security Vulnerabilities

CVE-1999-0350

Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.

CVE-2001-0855

Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.

CVE-2002-1322

Rational ClearCase 4.1, 2002.05, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain packets to port 371, e.g. via nmap.

CVE-2007-2783

Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 and earlier allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors. NOTE: this issue has no actionable information, and perhaps should not be included in CVE.