IBM Security Bulletin: A vulnerability in the GSKit component of IBM Tivoli Monitoring (CVE-2015-1788)

A vulnerability has been addressed in the GSKit component of IBM Tivoli Monitoring (ITM). IBM Tivoli Monitoring also utilizes the IBM HTTP Server (IHS) as the default HTTP server for the portal server. IBM HTTP Server is also affected by the CVE as listed below.

CVE(s): CVE-2015-1788

Affected product(s) and affected version(s):

The following components for IBM Tivoli Monitoring versions 6.30 through 6.30 FP6 are affected:

  • Portal Server – IBM HTTP Server
  • Portal Server, Distributed Management Servers, and Distributed Agents (GSKit/Basic Services)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ise7if
X-Force Database: http://ift.tt/1ZnoGA9



from IBM Product Security Incident Response Team http://ift.tt/2ismjPl