IBM WebSphere Application Server 6.1 < Fix Pack 15 Multiple Vulnerabilities

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.

Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.1 before Fix Pack 15 appears to be
running on the remote host. As such, it is reportedly affected by the
following vulnerabilities :

- There is an as-yet unspecified security exposure in
wsadmin (PK45726).

- Sensitive information might appear in plaintext in the
http_plugin.log file (PK48785).

- There is an as-yet unspecified potential security
exposure in the 'PropFilePasswordEncoder' utility

- There is an as-yet unspecified potential security
exposure with 'serveServletsByClassnameEnabled'

- Sensitive information may appear in plaintext in
startserver.log (PK53198).

- If Fix Pack 9 has been installed, a remote attacker can
authenticate through the internal application hashtable
login mechanism by supplying either no password or an
empty password when JAAS login functionality is enabled.
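The check below is an added example, not Tenable's plugin code and not IBM's: it
parses the version string from versionInfo-style output and maps a WebSphere 6.1
level onto the findings listed above, using only the boundaries the description
gives (everything before Fix Pack 15 is affected; the hashtable-login issue
additionally requires Fix Pack 9 or later to be installed). The sample output,
the APAR-to-finding labels and the helper names are assumptions made for the
example.

```python
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int, int]

FIXED: Version = (6, 1, 0, 15)            # 6.1 Fix Pack 15 resolves the list above
JAAS_INTRODUCED: Version = (6, 1, 0, 9)   # hashtable login issue needs Fix Pack 9 installed

# Constructed sample of what `versionInfo.sh` prints; not captured from a real host.
SAMPLE_VERSIONINFO = """\
Installed Product
--------------------------------------------------------------------------------
Name                  IBM WebSphere Application Server
Version               6.1.0.13
ID                    BASE
Build Level           cf130745.06
"""


def parse_was_version(text: str) -> Optional[Version]:
    """Pull the first dotted four-part version (e.g. 6.1.0.13) out of
    versionInfo-style output. Returns None when no such token exists."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b", text)
    if not m:
        return None
    major, minor, rel, fp = (int(g) for g in m.groups())
    return (major, minor, rel, fp)


def assess(version: Version) -> List[str]:
    """Return the findings from the advisory that apply to a 6.1.x.y level.

    Tuple comparison gives correct ordering for fix-pack numbers (6.1.0.9 < 6.1.0.15),
    which a plain string comparison would get wrong.
    """
    findings: List[str] = []
    if version[:2] != (6, 1):
        return findings               # only the 6.1 stream is covered here
    if version >= FIXED:
        return findings               # Fix Pack 15 or later: nothing to report

    findings += [
        "PK45726: unspecified security exposure in wsadmin",
        "PK48785: sensitive data in plaintext in http_plugin.log",
        "PropFilePasswordEncoder utility: unspecified potential exposure",
        "serveServletsByClassnameEnabled: unspecified potential exposure",
        "PK53198: sensitive data in plaintext in startserver.log",
    ]
    # Per the description, the empty-password hashtable login is only reachable
    # once Fix Pack 9 is installed, so 6.1.0.0 through 6.1.0.8 are not flagged for it.
    if version >= JAAS_INTRODUCED:
        findings.append(
            "CVE-2008-0740: empty/absent password accepted by internal "
            "application hashtable login when JAAS login is enabled"
        )
    return findings


def check_host(versioninfo_output: str) -> List[str]:
    """End-to-end: parse the version, then assess it."""
    version = parse_was_version(versioninfo_output)
    if version is None:
        return ["could not determine WebSphere version"]
    return assess(version)


if __name__ == "__main__":
    for finding in check_host(SAMPLE_VERSIONINFO):
        print("-", finding)
```

On the 6.1.0.13 sample the script reports all six findings; on 6.1.0.8 it drops the
CVE-2008-0740 entry, and on 6.1.0.15 or any non-6.1 level it reports nothing. It
does not cover the embedded WebSphere (eWAS) case from the Solution section, whose
fix-pack numbering differs.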

See also :

Solution :

If using WebSphere Application Server, apply Fix Pack 15 ( or

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 45422

Bugtraq ID: 27400

CVE ID: CVE-2008-0740