
U-007: IBM Rational AppScan Import/Load Function Flaws Let Remote Users Execute Arbitrary Code

October 10, 2011 - 9:15am


PROBLEM:

IBM Rational AppScan Import/Load Function Flaws Let Remote Users Execute Arbitrary Code.

PLATFORM:

Version(s): 7.8, 7.8.0.1, 7.8.0.2, 7.9, 7.9.0.1, 7.9.0.2, 7.9.0.3, 8.0, 8.0.0.1, 8.0.0.2

ABSTRACT:

Two vulnerabilities were reported in IBM Rational AppScan. A remote user can cause arbitrary code to be executed on the target user's system.

REFERENCE LINKS:

IBM Security Advisory Document ID: 1515110
IBM Fix Pack Document ID: 4030774
SecurityTracker Alert ID: 1026154

IMPACT ASSESSMENT:

High

Discussion:

A high-risk security vulnerability in the "Import functionality" of IBM Rational AppScan Enterprise and IBM Rational AppScan Reporting Console, and in the "File Load functionality" of IBM Rational AppScan Standard and IBM Rational AppScan Express, may result in remote command execution.

A remote user can create a specially crafted zip file that, when imported by the target user, will execute arbitrary code on the target system (CVE-2011-1366).
Versions 5.2 through 8.0.1 of IBM Rational AppScan Enterprise and IBM Rational AppScan Reporting Console are affected.

A remote user can create a specially crafted '.scan' file that, when loaded by the target user, will execute arbitrary code on the target system (CVE-2011-1367).
Versions 7.8 through 8.0 of IBM Rational AppScan Standard and IBM Rational AppScan Express are affected.

The appliance itself is not affected.

Impact:

When importing the contents of a ZIP file in IBM Rational AppScan Enterprise or IBM Rational AppScan Reporting Console, remote command execution is possible on an agent server computer when the import job is run.

Solution:

The vendor has issued a fix: Rational AppScan Enterprise Edition Fix Pack 1 (8.0.1.1) for 8.0.1.
