I was able to get some more details. Here they are:
==
The problem is that all client sessions which use ASNODENAME
and have authority to use ASNODENAME, will run as
authorized sessions. According to the doc, sessions using ASNODENAME
must be run as
Hi
This is really good question. If fact current description is not very clear.
Anyone could provide better one or some example scenario to know which
data/config is affected?
Thanks in advance
Krzysztof
2016-02-25 13:04 GMT+01:00 Henrik Ahlgren :
> Is the IBM Security
Is the IBM Security Bulletin correct when it does not list Windows as a
vulnerable platform?
BTW, where can I find a more detailed description about what does this
mean exactly: "The Tivoli Storage Manager server fails to adequately
check the authorization of client sessions using the ASNODENAME
, February 24, 2016 3:32 PM
To: ADSM-L@VM.MARIST.EDU
Subject: [ADSM-L] Fixing level for ASNODENAME vulnerability
We are trying to figure out how to deal with the bug described in
https://urldefense.proofpoint.com/v2/url?u=http-3A__www-2D01.ibm.com_support_docview.wss-3Fuid-3Dswg21975957=AwIFAg
We are trying to figure out how to deal with the bug described in
http://www-01.ibm.com/support/docview.wss?uid=swg21975957. The document at that
URL includes a table with information about the availability of fixes for
various server code levels. The row for TSM 6.3 has a cell stating that the