CVE-2016-0380
First published: Mon Aug 08 2016(Updated: )
IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Sterling Connect\ | =direct-4.1.0.0 | |
| Ibm Sterling Connect\ | =direct-4.1.0.1 | |
| Ibm Sterling Connect\ | =direct-4.1.0.2 | |
| Ibm Sterling Connect\ | =direct-4.1.0.3 | |
| Ibm Sterling Connect\ | =direct-4.1.0.4 | |
| Ibm Sterling Connect\ | =direct-4.2.0.0 | |
| Ibm Sterling Connect\ | =direct-4.2.0.1 | |
| Ibm Sterling Connect\ | =direct-4.2.0.2 | |
| Ibm Sterling Connect\ | =direct-4.2.0.3 | |
| Ibm Sterling Connect\ | =direct-4.2.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/ibm
- canonical/ibm sterling connect\
- version/ibm sterling connect\/direct-4.1.0.0
- version/ibm sterling connect\/direct-4.1.0.1
- version/ibm sterling connect\/direct-4.1.0.2
- version/ibm sterling connect\/direct-4.1.0.3
- version/ibm sterling connect\/direct-4.1.0.4
- version/ibm sterling connect\/direct-4.2.0.0
- version/ibm sterling connect\/direct-4.2.0.1
- version/ibm sterling connect\/direct-4.2.0.2
- version/ibm sterling connect\/direct-4.2.0.3
- version/ibm sterling connect\/direct-4.2.0.4