IBM fixes flaws in Tivoli and WebSphere
IBM has released updates that eliminate vulnerabilities in several different products. IBM Tivoli Business Service Manager stores passwords in clear text; a vulnerability in IBM Tivoli Provisioning Manager for OS Deployment can be exploited to crash the integrated web server; a hole in IBM WebSphere Business Modeler allows unauthorised users to delete content from the repositories, and there is update to IBM WebSphere Application Server to eliminate a vulnerability of which no details are given.
- IBM Tivoli Business Service Manager V4.1.1 Interim Fix 1(4.1.1.0-TIV-BSM-IF0001), update description by IBM
- Tivoli Provisioning Manager for OS Deployment 5.1.0-TIV-TPMOSD-IF0003, update description by IBM
- WebSphere Business Modeler Basic V6.0.2.1 Interim Fix 11, update description by IBM
- WebSphere Business Modeler Advanced V6.0.2.1 Interim Fix 11, update description by IBM
- PK52059; Potential security exposure with serveservletsbyclassnameenabled, update description by IBM
(mba)