IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.1 before Fix Pack 21 appears to be
running on the remote host. As such, it is reportedly affected by
multiple flaws :

- Provided Performance Monitoring Infrastructure (PMI) is
enabled, it may be possible for a local attacker to
obtain sensitive information through 'Systemout.log' and
'ffdc' files that are written by PerfServlet.

- SSL Configuration settings attribute 'Security Level'
does not correctly enforce the level of encryption used
by the application server. (PK63182)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21404665
http://www-01.ibm.com/support/docview.wss?uid=swg27009778
http://www-01.ibm.com/support/docview.wss?&uid=swg1PK63182
http://www-01.ibm.com/support/docview.wss?uid=swg27007951#61021

Solution :

If using WebSphere Application Server, apply Fix Pack 21 (6.1.0.21) or
later.

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.2
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 35659 ()

Bugtraq ID: 33700

CVE ID: CVE-2009-0434