Security Flaw in TIBCO Rendezvous Networking by TIBCO Software Inc.
CVE-2007-4160

Currently unrated

Key Information:

Vendor: Tibco
Status: Rendezvous
Vendor: CVE Published:; 3 August 2007

Summary

The TIBCO Rendezvous 7.5.2 clients, when configured without the '-no-multicast' option, utilize a multicast group for sending network messages. This configuration flaw can potentially allow remote attackers to intercept and capture sensitive message contents transmitted over the network, thereby compromising the confidentiality of the data exchanged.

References

http://www.securitytracker.com/id?1018512

vdb-entryx_refsource_SECTRACK

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

http://osvdb.org/46992

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Aug 3, 2007
Vulnerability Reserved
Aug 3, 2007