IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities

medium Nessus Plugin ID 39450

Synopsis

The remote application server is affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 6.1 before Fix Pack 25 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities :

- Non-standard HTTP methods are allowed. (PK73246)

- An error in Single Sign-on (SSO) with SPNEGO implementation could allow a remote attacker to bypass security restrictions. (PK77465)

- 'wsadmin' is affected by a security exposure. (PK77495)

- Security flag 'isSecurityEnabled' is incorrectly set after migrating from VMM. (PK78134)

- In certain cases sensitive information may appear in migration trace. (PK78134)

- Use of insecure password obfuscation algorithm by Web services could result in weaker than expected security provided the client module specifies a password in ibm-webservicesclient-bind.xmi and target environment has custom password encryption enabled. (PK79275)

- Sensitive information might appear in trace files.
(PK80337)

- XML digital signature is affected by a security issue.
(PK80596)

- If CSIv2 Security is configured with Identity Assertion, it may be possible for a remote attacker to bypass security restrictions. (PK83097)

- IBM Stax XMLStreamWriter may write to an incorrect XML file, and hence is susceptible to a XML fuzzing attack.
(PK84015)

- Configservice APIs could display sensitive information.
(PK84999)

- A security bypass caused by inbound requests that lack a SOAPAction or WS-Addressing Action. (PK72138)

Solution

If using WebSphere Application Server, apply Fix Pack 25 (6.1.0.25) or later.

Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21404665

http://www-01.ibm.com/support/docview.wss?uid=swg27009778

http://www-01.ibm.com/support/docview.wss?uid=swg27007951#61025

Plugin Details

Severity: Medium

ID: 39450

File Name: websphere_6_1_0_25.nasl

Version: 1.25

Type: remote

Family: Web Servers

Published: 6/19/2009

Updated: 8/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Ease: No known exploits are available

Patch Publication Date: 6/16/2009

Reference Information

CVE: CVE-2009-0899, CVE-2009-0903, CVE-2009-0904, CVE-2009-1174, CVE-2009-1899, CVE-2009-1900, CVE-2009-1901, CVE-2009-2085, CVE-2009-2087, CVE-2009-2088, CVE-2009-2089

BID: 35405, 35406, 35594, 35741, 36154, 36156, 36158, 36163

CWE: 16, 200, 255, 264, 287, 310

Secunia: 35491