IBM Tivoli Endpoint Manager for Remote Control Denial of Service Vulnerability

Release date:
Updated on:

Affected Systems:
IBM Tivoli Endpoint Manager for Remote Control 8.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56649
CVE (CAN) ID: CVE-2012-4841

IBM Tivoli Endpoint Manager is a solution for faster and more intelligent management of endpoints. Built with BigFix, it integrates endpoints and security management.

IBM Tivoli Endpoint Manager for Remote Control 8.2.1 "Remote Control proxy" in build 0024 and other versions has unknown details. Remote attackers can exploit this vulnerability to consume all CPU resources and cause DOS.

<* Source: IBM (ncsupp@ca.ibm.com)

Link: http://secunia.com/advisories/51386/
Http://www-01.ibm.com/support/docview.wss? Uid = swg21616746
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

IBM
---
For this reason, IBM has released a Security Bulletin (swg21616746) and corresponding patches. The agent component v8.2.1 (build 0024) needs to be installed ). To resolve this issue, update the existing installation with the agent components included in the Tivoli Endpoint Manager for Remote Control Fix pack 8.2.1-TIV-TEMRC821-IF0002:

Swg21616746: Security Bulletin: Tivoli Endpoint Manager for Remote Control Broker denial of service (CVE-2012-4841)

Link: http://www-01.ibm.com/support/docview.wss? Uid = swg21616746

Patch link: http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes? Options. selectedFixes = 8.2.1-TIV-TEMRC821-MULTI-IF0002 & continue = 1