This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote application server is affected by multiple vulnerabilities.
IBM WebSphere Application Server 6.0.2 before Fix Pack 33 appears to
be running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :
- Provided an attacker has valid credentials, it may be possible to hijack an authenticated session. (PK66676)
- The PerfServlet code writes sensitive information to the 'systemout.log' and ffdc files, provided Performance Monitoring Infrastructure (PMI) is enabled.
- It may be possible to log in to the administrative console using a user account that is locked by the operating system. (PK67909)
- An unknown vulnerability affects z/OS-based IBM WebSphere application servers. (PK71143)
- An unspecified vulnerability in the administrative console could allow arbitrary file retrieval from the remote system. (PK72036)
- If APAR PK41002 has been applied, a vulnerability in the JAX-RPC WS-Security component could incorrectly validate 'UsernameToken'. (PK75992)
- Certain files associated with interim fixes for Unix-based versions of IBM WebSphere Application Server are built with insecure file permissions. (PK78960)
See also :
Apply Fix Pack 33 (18.104.22.168) or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true