
IBM OS/400 HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness


Secunia ID: SA49028
CVE-ID: CVE-2011-4317
Release Date: 30 Apr 2012
Last Change: 03 May 2012
Criticality: Less Critical
Solution Status: Vendor Patch
Where: From remote
Impact: Security Bypass

This covers vulnerabilities or security issues where malicious users or people can bypass certain security mechanisms of the application.

The actual impact varies significantly depending on the design and purpose of the affected application.

Description

IBM has acknowledged a weakness in OS/400, which can be exploited by malicious people to bypass certain security restrictions.

For more information:
SA46987

The weakness is reported in versions V5R4M0, V5R5M0, and V6R1M0.

Solution

Apply update.

V5R4M0:
Apply PTF SI46469.

V5R5M0:
Apply APAR SE51592.

V6R1M0:
Apply PTF SI46401.

Original Advisory

IBM (SE51505, SI46401, SE51592, SI46469):
http://www.ibm.com/support/docview.wss?uid=nas2394373277328c954862579cd003c709c
http://www.ibm.com/support/docview.wss?uid=nas39578294f523b4b8c862579dd00751bce
http://www.ibm.com/support/docview.wss?uid=nas2d046a7b7e1835079862579d3003c805e
http://www.ibm.com/support/docview.wss?uid=nas34839d966028cb7c4862579dc00581728