IBM WebSphere Application Server 6.0.2 < Fix Pack 33 Multiple Vulnerabilities

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.

Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.0.2 before Fix Pack 33 appears to
be running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :

- Provided an attacker has valid credentials, it may be
possible to hijack an authenticated session. (PK66676)

- The PerfServlet code writes sensitive information in
the 'systemout.log' and ffdc files, provided
Performance Monitoring Infrastructure (PMI) is enabled.

- It may be possible to log in to the administrative
console using a user account that is locked by the
operating system. (PK67909)

- An unknown vulnerability affects z/OS-based IBM
WebSphere application servers. (PK71143)

- An unspecified vulnerability in the administrative
console could allow arbitrary file retrieval from the
remote system. (PK72036)

- If APAR PK41002 has been applied, a vulnerability in
the JAX-RPC WS-Security component could incorrectly
validate 'UsernameToken'. (PK75992)

- Certain files associated with interim fixes for Unix-
based versions of IBM WebSphere Application Server are
built with insecure file permissions. (PK78960)

See also :

Solution :

Apply Fix Pack 33 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 36132

Bugtraq ID: 33884

CVE ID: CVE-2009-0891