Contact Us
SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME
 
Security Dashboard | US-CERTs | SecurityFocus | Advisories | Exploits | Threats | Vulnerabilities | Risks
Network Security Consulting Advisories Article

IBM Lotus Expeditor Request Header Spoofing Security Bypass Vulnerability

http://www.securityfocus.com/bid/54163

Security Info

Bugtraq ID: 54163
Class: Design Error
CVE: CVE-2012-0191
Remote: Yes
Local: No
Published: Jun 22 2012 12:00AM
Updated: Jun 29 2012 01:40PM
Credit: IBM
Vulnerable:
Not Vulnerable:

Security Discussion

IBM Lotus Expeditor is prone to a security-bypass that allows attackers to spoof request headers.

An attacker can exploit this issue to bypass certain security restrictions by spoofing request headers allowing the attacker to perform malicious activities. Other attacks may also be possible.

Proof of Concept and Security Exploits

Attackers can exploit this issue with readily available tools.

Security Solution(s)

Solution:
Updates are available; please see the references for more information.

Security References(s)

References:

Contact Us

Security Penetration Testing

Security Questions

Security Dashboard

Emagined Security Blog featuring Dr. Eugene Schultz
Site Updated May 25, 2013
©2000-2013 Emagined Security
All Rights Reserved

Secure Web Programming
by Vizual Services