IBM WebSphere Application Server < 6.0.2.33 Multiple Vulnerabilities

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.0.2 before Fix Pack 33 appears to
be running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :

- Provided an attacker has valid credentials, it may be
possible to hijack an authenticated session. (PK66676)

- The PerfServlet code writes sensitive information in
the 'systemout.log' and ffdc files, provided
Performance Monitoring Infrastructure (PMI) is enabled.
(PK63886)

- It may be possible to log in to the administrative
console using a user account that is locked by the
operating system. (PK67909)

- An unknown vulnerability affects z/OS-based IBM
WebSphere application servers. (PK71143)

- An unspecified vulnerability in the administrative
console could allow arbitrary file retrieval from the
remote system. (PK72036)

- If APAR PK41002 has been applied, a vulnerability in
the JAX-RPC WS-Security component could incorrectly
validate 'UsernameToken'. (PK75992)

- Certain files associated with interim fixes for Unix-
based versions of IBM WebSphere Application Server are
built with insecure file permissions. (PK78960)
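The plugin's test is a version comparison: the host is flagged only when it reports a 6.0.2.x build whose fix-pack component is below 33. The following is an added example of that check, not the plugin's own NASL; it assumes the dotted version string WebSphere reports (e.g. "6.0.2.25") and treats the fourth component as the fix-pack number. The sample versions at the bottom are constructed for illustration.

```python
# Version check for IBM WebSphere Application Server 6.0.2 < Fix Pack 33.
# Added example, not the Nessus plugin's code. Assumes the dotted form
# "major.minor.service.fixpack" that WebSphere reports (e.g. "6.0.2.25").
from typing import Optional, Tuple

AFFECTED_BRANCH = (6, 0, 2)   # only the 6.0.2 line is covered by this advisory
FIXED_FIXPACK = 33            # 6.0.2.33 is the first fixed build

def parse_version(version: str) -> Optional[Tuple[int, ...]]:
    """Split a dotted version into ints; None if any component is not numeric."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def check(version: str) -> str:
    """Classify a reported version.

    Returns one of:
      "affected"     - 6.0.2 line, fix pack below 33
      "fixed"        - 6.0.2 line, fix pack 33 or later
      "out_of_scope" - a different branch (6.0.1, 6.1, 7.0, ...); this check
                       says nothing about it, it is not reported as clean
      "unknown"      - version string could not be parsed
    Components are compared numerically: a plain string comparison would
    put "6.0.2.9" above "6.0.2.33" and miss an affected host.
    """
    v = parse_version(version)
    if v is None:
        return "unknown"
    if v[:3] != AFFECTED_BRANCH:
        return "out_of_scope"
    # A bare "6.0.2" with no fourth component is the GA build, i.e. fix pack 0.
    fixpack = v[3] if len(v) > 3 else 0
    return "affected" if fixpack < FIXED_FIXPACK else "fixed"

if __name__ == "__main__":
    # Constructed sample versions, not output from a real scan.
    for sample in ["6.0.2.25", "6.0.2.9", "6.0.2", "6.0.2.33", "6.0.2.41",
                   "6.1.0.23", "7.0.0.3", "6.0.2.x"]:
        print(f"{sample:10} -> {check(sample)}")
```

Because the advisory only speaks to the 6.0.2 line, other branches are returned as out_of_scope rather than fixed; a scanner that collapsed them into "not vulnerable" would silently mark a 6.1 host clean on the basis of a check that never examined it.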

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg27006876#60233
http://www-01.ibm.com/support/docview.wss?uid=swg1PK67909
http://www-01.ibm.com/support/docview.wss?uid=swg21367223
http://www-01.ibm.com/support/docview.wss?uid=swg24022693

Solution :

Apply Fix Pack 33 (6.0.2.33) or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 36132

Bugtraq ID: 33884, 34330, 35610

CVE ID: CVE-2009-0891, CVE-2009-0506