IBM WebSphere Application Server 6.0 < Multiple Vulnerabilities

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.

Synopsis :

The remote application server is affected by multiple

Description :

IBM WebSphere Application Server 6.0.x before Fix Pack 25 appears to
be running on the remote host. Such versions are reportedly affected
by multiple vulnerabilities.

- An unspecified vulnerability in the Administrative
Console involving monitor role users. (PK45768)

- WebSphere Application Server writes unspecified
plaintext information to 'http_plugin.log' which might
allow attackers to obtain sensitive information.

- An unspecified vulnerability in the
'PropFilePasswordEncoder' utility. (PK52709)

- A header buffer-handling vulnerability with unspecified
impact. (PK57746)

- An unspecified vulnerability in the 'UOWManager'.

See also :

Solution :

Apply Fix Pack 25 ( or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 45419 ()

Bugtraq ID: 27400

CVE ID: CVE-2007-6679