IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.1 before Fix Pack 25 appears to be
running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :

- Non-standard HTTP methods are allowed. (PK73246)

- An error in Single Sign-on (SSO) with SPNEGO
implementation could allow a remote attacker
to bypass security restrictions. (PK77465)

- 'wsadmin' is affected by a security exposure. (PK77495)

- Security flag 'isSecurityEnabled' is incorrectly set
after migrating from VMM. (PK78134)

- In certain cases sensitive information may appear in
migration trace. (PK78134)

- Use of insecure password obfuscation algorithm by Web
services could result in weaker than expected security
provided the client module specifies a password in
ibm-webservicesclient-bind.xmi and target environment
has custom password encryption enabled. (PK79275)

- Sensitive information might appear in trace files.
(PK80337)

- XML digital signature is affected by a security issue.
(PK80596)

- If CSIv2 Security is configured with Identity
Assertion, it may be possible for a remote
attacker to bypass security restrictions. (PK83097)

- IBM Stax XMLStreamWriter may write to an incorrect XML
file, and hence is susceptible to a XML fuzzing attack.
(PK84015)

- Configservice APIs could display sensitive information.
(PK84999)

- A security bypass caused by inbound requests that lack
a SOAPAction or WS-Addressing Action. (PK72138)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21404665
http://www-01.ibm.com/support/docview.wss?uid=swg27009778
http://www-01.ibm.com/support/docview.wss?uid=swg27007951#61025

Solution :

If using WebSphere Application Server, apply Fix Pack 25 (6.1.0.25) or
later.

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false