IBM WebSphere Application Server 6.1 < Multiple Vulnerabilities

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.

Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.1 before Fix Pack 31 appears to be
running on the remote host. As such, it is reportedly affected by
multiple vulnerabilities :

- It is possible for Administrator role members to modify
primary administrative id via the administrative
console. (PK88606)

- An unspecified cross-site scripting vulnerability in the
Administration Console. (PK97376)

- An error when defining a wsadmin scripting
'J2CConnectionFactory' object results in passwords being
stored unencrypted in the resources.xml file. (PK95089)

- An error related to the ORB ListenerThread could allow
remote, authenticated users to cause a denial of service.

- An information disclosure vulnerability in SIP logging
could allow a local, authenticated attacker to gain
access to sensitive information. (PM08892)

- An information disclosure vulnerability exists when the
'-trace' option (aka debugging mode) is enabled since
WAS executes debugging statements that print string
representations of unspecified objects. (PM06839)

- The Web Container does not properly handle long
filenames, which may cause it to respond with the
incorrect file, resulting in the disclosure of
potentially sensitive information. (PM06111)

- An error occurs when the Web Contained calls
response.sendRedirect with a Transfer-Encoding:
chunked, which could cause a denial of service.

- WS-Security processing problems with PKIPath and
PKCS#7 tokens could lead to a security bypass
vulnerability. (PK96427)

- An Out-Of-Memory condition related to the
Deployment Manager and nodeagent could lead to a
denial of service. (PM05663)

See also :

Solution :

If using WebSphere Application Server, apply Fix Pack 31 ( or

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false