IBM WebSphere Application Server 6.1 < Fix Pack 45 Multiple Vulnerabilities

medium Nessus Plugin ID 62394

Synopsis

The remote application server may be affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 6.1 before Fix Pack 45 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities :

- An error exists related to 'Application Snoop Servlet' and missing access controls. This error can allow sensitive information to be disclosed. Note that exploiting this issue requires that the default 'Application Snoop Servlet' be installed and running.
(CVE-2012-2170, PM56183)

- Several errors exist related to SSL/TLS that can allow an attacker to carry out denial of service attacks against the application. (CVE-2012-2190, CVE-2012-2191, PM66218)

- Unspecified cross-site scripting issues exist related to the administrative console. (CVE-2012-3293, PM60839)

- An unspecified error in the 'ISC Console' can allow a remote attacker to take over a valid user's session.
(CVE-2012-3304, PM54356)

- An unspecified directory traversal error exists that can allow remote attackers to overwrite files outside the application's deployment directory. (CVE-2012-3305, PM62467)

- When multi-domain support is enabled, the application does not properly purge passwords from the authentication cache. (CVE-2012-3306, PM66514)

- An error exists related to 'Federated Repositories', 'IIOP' connections, 'CBIND' checking and 'Optimized Local Adapters' that can allow a remote attacker to bypass security restrictions. Note that this issue affects the application when running on z/OS.
(CVE-2012-3311, PM61388)

- The fix contained in PM44303 contains an error that can allow an authenticated attacker to bypass security restrictions and gain administrative access to the application. (CVE-2012-3325, PM71296)

Solution

If using WebSphere Application Server, apply Fix Pack 45 (6.1.0.45) or later.

Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21404665

http://www-01.ibm.com/support/docview.wss?uid=swg27009778

http://www.nessus.org/u?bad06dcb

http://www.nessus.org/u?58770565

http://www.nessus.org/u?80adf3bd

http://www.nessus.org/u?fcf28d02

https://www-304.ibm.com/support/docview.wss?uid=swg21618044

https://www-304.ibm.com/support/docview.wss?uid=swg21620517

https://www-304.ibm.com/support/docview.wss?uid=swg21620518

https://www-304.ibm.com/support/docview.wss?uid=swg21611311

http://www-01.ibm.com/support/docview.wss?uid=swg24033269

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27007951#61045

Plugin Details

Severity: Medium

ID: 62394

File Name: websphere_6_1_0_45.nasl

Version: 1.11

Type: remote

Family: Web Servers

Published: 10/2/2012

Updated: 8/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Ease: No known exploits are available

Patch Publication Date: 9/24/2012

Vulnerability Publication Date: 1/17/2012

Reference Information

CVE: CVE-2012-2170, CVE-2012-2190, CVE-2012-2191, CVE-2012-3293, CVE-2012-3304, CVE-2012-3305, CVE-2012-3306, CVE-2012-3311, CVE-2012-3325

BID: 53755, 54743, 55149, 55185, 55309, 55671, 55678

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990