PT-2012-1517 · Telelogic+1 · Telelogic License Server+2

Luigi Auriemma · Published 2012-01-19 · Updated 2017-08-17 · CVE-2011-1389

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Telelogic License Server version 2.0
Rational License Server versions 7.x
IBM Rational License Key Server (RLKS) versions 8.0 through 8.1.2

Description

The issue concerns directory traversal vulnerabilities in the vendor daemon of Rational Common Licensing, allowing remote attackers to execute arbitrary code. This is achieved through vectors related to save, rename, and load operations on log files.

Recommendations

For Telelogic License Server version 2.0, update to a version that addresses the directory traversal vulnerabilities. For Rational License Server versions 7.x, apply the necessary patches or updates to fix the issue. For IBM Rational License Key Server (RLKS) versions 8.0 through 8.1.2, consider restricting access to log file operations until a patch is available.

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2011-1389

Affected Products

IBM Rational License Key Server
Rational License Server
Telelogic License Server