Detections
Analytics

IBM WebSphere Application Server 7.0 < Fix Pack 1

medium Nessus Plugin ID 35082

Language:

Synopsis

The remote application server is affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 7.0 before Fix Pack 1 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities.

- The PerfServlet code writes sensitive information in the 'systemout.log' and ffdc files, provided Performance Monitoring Infrastructure (PMI) is enabled. (PK63886)
- A vulnerability in feature pack for web services could lead to information disclosure due to 'userNameToken'.
 (PK67282)
- A user locked by the underlying OS may be able to authenticate via the administrative console. (PK67909)

 - Web authentication options 'Authenticate when any URI is accessed' and 'Use available authentication data when an unprotected URI is accessed' are ignored. Servlets with with no security constraints are not authenticated and usernames with '@' symbol fail to authenticate.
 (PK71826)

 - WS-Security in JAX-WS does not remove UsernameTokens from client cache on failed logins. (PK72435)

 - WSPolicy discloses password in SOAP messages even though IDAssertion.isUsed is set to true, and a simple user name token policyset is used. (PK73573)

 - SSL traffic is routed over unencrypted TCP routes.
 (PK74777)

 - By sending a specially crafted request, it may be possible for a remote attacker to gain access to certain JSP pages that require authorization.
 (PK75248)

Solution

Apply Fix Pack 1 (7.0.0.1) or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg24021073

http://www-01.ibm.com/support/docview.wss?uid=swg1PK67909

http://www-01.ibm.com/support/docview.wss?uid=swg1PK71826

http://www-01.ibm.com/support/docview.wss?uid=swg1PK72435

http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7001

Plugin Details

Severity: Medium

ID: 35082

File Name: websphere_7_0_0_1.nasl

Version: 1.21

Type: remote

Family: Web Servers

Published: 12/10/2008

Updated: 8/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Ease: No known exploits are available

Patch Publication Date: 12/8/2008

Reference Information

CVE: CVE-2008-5411, CVE-2008-5412, CVE-2008-5413, CVE-2008-5414, CVE-2009-0434, CVE-2009-0438, CVE-2009-0504

BID: 32679, 33700, 33879

CWE: 200, 264, 310

Secunia: 33022