This script is Copyright (C) 2009-2011 Tenable Network Security, Inc.
The remote application server is affected by multiple vulnerabilities.
IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be
running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :
- Non-standard HTTP methods are allowed. (PK73246)
- If the admin console is directly accessed from HTTP,
the console fails to redirect the connection to a
secure login page. (PK77010)
- An error in Single Sign-on (SSO) with SPNEGO
implementation could allow a remote attacker
to bypass security restrictions. (PK77465)
- 'wsadmin' is affected by a security exposure.
- Security flag 'isSecurityEnabled' is incorrectly set
after migrating from VMM. (PK78134)
- Use of insecure password obfuscation algorithm by Web
services could result in weaker than expected security
provided the client module specifies a password in
ibm-webservicesclient-bind.xmi and target environment
has custom password encryption enabled. (PK79275)
- After upgrading from WebSphere Application Server V6.1
to V7.0 with tracing enabled, an attacker may be able
view sensitive information by viewing the trace files.
- If CSIv2 Security is configured with Identity
Assertion, it may be possible for a remote
attacker to bypass security restrictions. (PK83097)
- New applications deployed in WebSphere Application
Server for z/OS prior to 1.8 are saved on the file
system with insecure privileges resulting in
disclosure of sensitive information. (PK83308)
- Configservice APIs could display sensitive information.
- Vulnerabilities in Apache HTTP server could allow a
local user to gain elevated privileges. (PK86232)
- A error in 'wsadmin' could allow a remote attacker
to bypass security restrictions. (PK86328)
- A vulnerability in portlet serving enable parameter
could allow an attacker to bypass security restrictions
and gain unauthorized access to the application.
See also :
Apply Fix Pack 5 (220.127.116.11) or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false