Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched.

  - apache-commons-compress: denial of service flaw when compressing certain files (CVE-2012-2098)

Note that Nessus has not tested for this issue but has instead relied on the package manager's report that the package is installed.

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched.

  - apache-commons-compress: denial of service flaw when compressing certain files (CVE-2012-2098)

Note that Nessus has not tested for this issue but has instead relied on the package manager's report that the package is installed.

The remote Solaris system is missing necessary patches to address security updates :

  - Algorithmic complexity vulnerability in the sorting     algorithms in bzip2 compressing stream     (BZip2CompressorOutputStream) in Apache Commons Compress     before 1.4.1 allows remote attackers to cause a denial     of service (CPU consumption) via a file with many     repeating inputs. (CVE-2012-2098)

IBM WebSphere Application Server 7.0 before Fix Pack 31 appears to be running on the remote host.  It is, therefore, potentially affected by the following vulnerabilities :

  - A flaw in the mod_rewrite module of Apache HTTP Server     potentially allows a remote attacker to execute     arbitrary code via HTTP. (CVE-2013-1862, PM87808)

  - An XSS vulnerability exists in IBM WebSphere Application     Server due to a failure to sanitize user-supplied input     in the Administrative console. (CVE-2013-4005, PM88208)

  - A denial of service vulnerability exists when using the     optional mod_dav module. (CVE-2013-1896, PM89996)

  - A denial of service vulnerability exists due the use of     Apache Ant to compress files. (CVE-2012-2098, PM90088)

  - A privilege escalation vulnerability exists on IBM     WebSphere Application Servers using WS-Security that are     configured for XML Digital Signature using trust store.
    (CVE-2013-4053, PM90949, PM91521)

  - An XSS vulnerability exists in IBM WebSphere Application     Server caused by a failure to sanitize user-supplied     input in the UDDI Administrative console.
    (CVE-2013-4052, PM91892)

  - A privilege escalation vulnerability exists in IBM     WebSphere Application Servers that have been migrated     from version 6.1 or later. (CVE-2013-5414, PM92313)

  - An XSS vulnerability exists in IBM WebSphere Application     Server due to a failure to sanitize application HTTP     response data. (CVE-2013-5417, PM93323, PM93944)

  - An XSS vulnerability exists in IBM WebSphere Application     Server due to a failure to sanitize user-supplied input     in the Administrative console. (CVE-2013-5418, PM96477)

  - An XSS vulnerability exists in IBM WebSphere Application     Server due to a failure to sanitize user-supplied input     in the Administrative console. (CVE-2013-6725, PM98132)

  - An information disclosure vulnerability exists in IBM     WebSphere Application Servers configured to use static     file caching using the simpleFileServlet.
    (CVE-2013-6330, PM98624)

  - A denial of service vulnerability exists in IBM     WebSphere Application Server due to a failure to     properly handle requests by a web services endpoint.
    (CVE-2013-6325, PM99450)

  - An information disclosure vulnerability exists in the     IBM SDK for Java that ships with IBM WebSphere     Application Server related to JSSE. (CVE-2013-5780)

  - A denial of service vulnerability exists in the IBM SDK     for Java that ships with IBM WebSphere Application     Server related to XML. (CVE-2013-5372)

  - A denial of service vulnerability exists in the IBM SDK     for Java that ships with IBM WebSphere Application     Server related to JSSE. (CVE-2013-5803)

IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5.1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities :

  - A flaw exists related to Apache Ant and file     compression that could lead to denial of service     conditions. (CVE-2012-2098 / PM90088)

  - Unspecified errors exist related to the administration     console that could allow cross-site scripting attacks.
    (CVE-2013-0460 / PM72275, CVE-2013-5418 / PM96477,     CVE-2013-5425 / PM93828)

  - Multiple errors exist related to the IBM Eclipse Help     System that could allow cross-site scripting attacks     and information disclosure attacks. (CVE-2013-0464,     CVE-2013-0467, CVE-2013-0599 / PM89893)

  - An input validation flaw exists in the optional     'mod_rewrite' module in the included IBM HTTP Server     that could allow arbitrary command execution via     HTTP requests containing certain escape sequences.
    (CVE-2013-1862 / PM87808)

  - A flaw exists related to the optional 'mod_dav'     module in the included IBM HTTP Server that could     allow denial of service conditions.
    (CVE-2013-1896 / PM89996)

  - A user-supplied input validation error exists that could     allow cross-site request forgery (CSRF) attacks to be     carried out. (CVE-2013-3029 / PM88746)

  - User-supplied input validation errors exist related to     the administrative console that could allow cross-site     scripting attacks.
    (CVE-2013-4004 / PM81571, CVE-2013-4005 / PM88208)

  - An unspecified permissions error exists that could     allow a local attacker to obtain sensitive information.
    Note this issue only affects the 'Liberty Profile'.
    (CVE-2013-4006 / PM90472)

  - An input validation error exists related to the UDDI     Administrative console that could allow cross-site     scripting attacks. (CVE-2013-4052 / PM91892)

  - An attacker may gain elevated privileges because of     improper certificate checks. WS-Security and XML Digital     Signatures must be enabled. (CVE-2013-4053 / PM90949)

  - An error exists related to incorrect Administration     Security roles and migrations from version 6.1.
    (CVE-2013-5414 / PM92313)

  - Unspecified input validation errors exist that could     allow cross-site scripting attacks. (CVE-2013-5417 /     PM93323 and PM93944)

IBM WebSphere Application Server 6.1 before Fix Pack 47 appears to be running on the remote host.  As such, it is potentially affected by the following vulnerabilities :

  - A remote attacker can bypass authentication because of     improper user validation on Linux, Solaris, and HP-UX     platforms that use a LocalOS registry.
    (CVE-2013-0543, PM75582)

  - A denial of service can be caused by the way Apache     Ant uses bzip2 to compress files. This can be exploited     by a local attacker passing specially crafted input.
    (CVE-2012-2098, PM90088)

  - A local attacker can cause a denial of service on     Windows platforms with a LocalOS registry using     WebSphere Identity Manager. (CVE-2013-0541, PM74909)

  - Remote attackers can traverse directories by deploying     a specially crafted application file to overwrite files     outside of the application deployment directory.
    (CVE-2012-3305, PM62467)

  - The TLS protocol implementation is susceptible to     plaintext-recovery attacks via statistical analysis of     timing data for crafted packets. (CVE-2013-0169,     PM85211)

  - Terminal escape sequences are not properly filtered from     logs. Remote attackers could execute arbitrary commands     via an HTTP request containing an escape sequence.
    (CVE-2013-1862, PM87808)

  - Improper validation of user input allows for cross-site     request forgery. By persuading an authenticated user     to visit a malicious website, a remote attacker could     exploit this vulnerability to obtain sensitive     information. (CVE-2012-4853, CVE-2013-3029, PM62920,     PM88746)

  - Improper validation of user input in the administrative     console allows for multiple cross-site scripting     attacks. (CVE-2013-0458, CVE-2013-0459, CVE-2013-0461,     CVE-2013-0542, CVE-2013-0596, CVE-2013-2967,     CVE-2013-4005, CVE-2013-4052, PM71139, PM72536, PM71389,     PM73445, PM78614, PM81846, PM88208, PM91892)

  - Improper validation of portlets in the administrative     console allows for cross-site request forgery, which     could allow an attacker to obtain sensitive information.
    (CVE-2013-0460, PM72275)

  - Remote, authenticated attackers can traverse directories     on Linux and UNIX systems running the application.
    (CVE-2013-0544, PM82468)

  - A denial of service attack is possible if the optional     mod_dav module is being used. (CVE-2013-1896, PM89996)

  - Sensitive information can be obtained by a local     attacker because of incorrect caching by the     administrative console. (CVE-2013-2976, PM79992)

  - An attacker may gain elevated privileges because of     improper certificate checks. WS-Security and XML Digital     Signatures must be enabled. (CVE-2013-4053, PM90949,     PM91521)

  - Deserialization of a maliciously crafted OpenJPA object     can result in an executable file being written to the     file system. WebSphere is NOT vulnerable to this issue     but the vendor suggests upgrading to be proactive.
    (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791)

IBM WebSphere Application Server 8.0 before Fix Pack 7 appears to be running on the remote host.  It is, therefore, potentially affected by the following vulnerabilities :

  - A flaw exists related to Apache Ant and file     compression that could lead to denial of service     conditions. (CVE-2012-2098 / PM90088)

  - The TLS protocol in the GSKIT component is vulnerable     to a plaintext recovery attack.
    (CVE-2013-0169 / PM85211)

  - A flaw exists relating to OAuth that could allow a     remote attacker to obtain someone else's credentials.
    (CVE-2013-0597 / PM85834 / PM87131)

  - A flaw exists relating to OpenJPA that is triggered     during deserialization, which could allow a remote     attacker to write to the file system and potentially     execute arbitrary code. Note the vendor states this     application is not directly affected by this flaw;
    however, this application does include the affected     version of OpenJPA. (CVE-2013-1768 / PM86780)

  - An input validation flaw exists in the optional     'mod_rewrite' module in the included IBM HTTP Server     that could allow arbitrary command execution via     HTTP requests containing certain escape sequences.
    (CVE-2013-1862 / PM87808)

  - A flaw exists related to the optional 'mod_dav'     module in the included IBM HTTP Server that could     allow denial of service conditions.
    (CVE-2013-1896 / PM89996)

  - User-supplied input validation errors exist related to     the administrative console that could allow cross-site     scripting attacks.
    (CVE-2013-2967 / PM78614, CVE-2013-4004 / PM81571,     CVE-2013-4005 / PM88208)

  - An information disclosure vulnerability exists related     to incorrect caching by the administrative console.
    (CVE-2013-2976 / PM79992)

  - A user-supplied input validation error exists that could     allow cross-site request forgery (CSRF) attacks to be     carried out. (CVE-2013-3029 / PM88746)

Rebase to upstream version 2.3 and add patch to fix CVE-2012-2098.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Update to 1.4.1, fixing CVE-2012-2098

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
199372	RHEL 5 : ant (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
199353	RHEL 6 : ant (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
80580	Oracle Solaris Third-Party Patch Update : ant (algorithmic_complexity_vulnerability_in_apache)	Nessus	Solaris Local Security Checks	medium
72061	IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities	Nessus	Web Servers	medium
71229	IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities	Nessus	Web Servers	medium
70022	IBM WebSphere Application Server 6.1 < Fix Pack 47 Multiple Vulnerabilities	Nessus	Web Servers	critical
69449	IBM WebSphere Application Server 8.0 < Fix Pack 7 Multiple Vulnerabilities	Nessus	Web Servers	high
66378	Fedora 18 : plexus-archiver-2.3-1.fc18 (2013-5548)	Nessus	Fedora Local Security Checks	medium
66377	Fedora 17 : plexus-archiver-2.3-1.fc17 (2013-5546)	Nessus	Fedora Local Security Checks	medium
59349	Fedora 16 : apache-commons-compress-1.4.1-1.fc16 (2012-8465)	Nessus	Fedora Local Security Checks	medium
59346	Fedora 17 : apache-commons-compress-1.4.1-1.fc17 (2012-8428)	Nessus	Fedora Local Security Checks	medium

Detections

Analytics

CVE-2012-2098

high

Tenable Plugins

high

high

medium

medium

medium

critical

high

medium

medium

medium

medium