IBM WebSphere Application Server 7.0 < Fix Pack 3

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 7.0 before Fix Pack 3 appears to be
running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :

- Under certain conditions it may be possible to access
administrative console user sessions. (PK74966)

- The administrative console is affected by a cross-site
scripting vulnerability. (PK77505)

- If APAR PK41002 has been applied, a vulnerability in the
JAX-RPC WS-Security component could incorrectly
validate 'UsernameToken'. (PK75992)

- Sample applications shipped with IBM WebSphere
Application Server are affected by cross-site scripting
vulnerabilities. (PK76720)

- Certain files associated with interim fixes for Unix-
based versions of IBM WebSphere Application Server are
built with insecure file permissions. (PK77590)

- The Web Services Security component is affected by an
unspecified security issue in digital-signature
specification. (PK80596)

- It may be possible for an attacker to read arbitrary
application-specific war files. (PK81387)

- Inbound requests that lack a SOAPAction or WS-Addressing
Action can cause a security bypass. (PK72138)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg24022693
http://www-01.ibm.com/support/docview.wss?uid=swg24022456
http://www-01.ibm.com/support/docview.wss?uid=swg21367223
http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7003

Solution :

Apply Fix Pack 3 (7.0.0.3) or later.
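A version check against this advisory's fix level, as an added example (not code from the Tenable plugin or from IBM); the sample banner strings are constructed. It compares components numerically so that 7.0.0.10 is correctly treated as later than 7.0.0.3, and reports "unknown" when a banner omits the fix pack level rather than guessing.

```python
import re
from typing import Optional, Tuple

# Fix level named in the advisory's Solution: Fix Pack 3 for the 7.0 branch.
FIXED_VERSION = (7, 0, 0, 3)

# Matches 2- to 4-part dotted versions such as "7.0" or "7.0.0.2".
_VERSION_RE = re.compile(r"\b(\d+(?:\.\d+){1,3})\b")


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Return the first dotted version in a banner as a tuple of ints.

    Integer components make 7.0.0.10 sort after 7.0.0.3; a plain
    string comparison would rank it as vulnerable.
    """
    match = _VERSION_RE.search(text)
    if not match:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def assess(version_text: str) -> str:
    """Classify a reported version as affected / not_affected / unknown."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"
    if version[:2] != FIXED_VERSION[:2]:
        return "not_affected"  # other branches are outside this advisory
    if len(version) < 4:
        return "unknown"  # bare "7.0" gives no fix pack level to compare
    return "affected" if version < FIXED_VERSION else "not_affected"


# Constructed sample banners, as an inventory or scan export might report
# them (not real hosts).
SAMPLES = [
    "IBM WebSphere Application Server 7.0.0.2",
    "IBM WebSphere Application Server 7.0.0.3",
    "IBM WebSphere Application Server 7.0.0.10",
    "IBM WebSphere Application Server 6.1.0.23",
    "Server: WebSphere Application Server/7.0",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(f"{banner!r}: {assess(banner)}")
```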

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true