Friday, 03.29.2024, 2:37 PM

Ethical Hacking - By Chintan Gurjar

Site menu
Calendar
«  December 2010  »
SuMoTuWeThFrSa
   1234
567891011
12131415161718
19202122232425
262728293031
Our poll
Rate my site
Total of answers: 171

Main » 2010 » December » 27 » Multiple vulnerabilities in IBM Lotus Mobile Connect
4:52 PM
Multiple vulnerabilities in IBM Lotus Mobile Connect



1. The weakness is caused due to the Connection Manager not properly deleting the LTPA token for a session after the user logs off via the "Logoff" button, which can be exploited to bypass the authentication.

Successful exploitation requires that the attacker has e.g. access to an unattended client.

2. The Connection Manager does not properly handle failed connection attempts to the HTTP-TCP based Mobile Network Connections (MNC), which can be exploited to e.g. cause an out-of-memory condition, resulting in a crash.

3. An error exists within the reference counter of the Connection Manager when handling repeated logons with the same VPN ID, which can be exploited to desynchronize the reference counter of active sessions, leading to an exhaustion of e.g. all available dynamic IP addresses.
Views: 989 | Added by: handsome_devil | Rating: 0.0/0
Total comments: 1
1 olfa  
0
i need hack facebook

Name *:
Email *:
Code *: