IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote application server may be affected by multiple
vulnerabilities.

Description :

IBM WebSphere Application Server 8.0 before Fix Pack 1 appears to be
running on the remote host and is potentially affected by the
following vulnerabilities :

- An open redirect vulnerability exists related to the
'logoutExitPage' parameter. This can allow remote
attackers to trick users into requesting unintended
URLs. (PM35701)

- The administrative console can display a stack trace
under unspecified circumstances and can disclose
potentially sensitive information to local users.
(PM36620)

- An unspecified error exists that can allow cross-site
request forgery attacks. (PM36734)

- A token verification error exists in the bundled
OpenSAML library. This error can allow an attacker to
bypass security controls with an XML signature wrapping
attack via SOAP messages. (PM43254)

- A directory traversal attack is possible via unspecified
parameters in the 'help' servlet. (PM45322)

- The JavaServer Faces (JSF) application functionality
could allow a remote attacker to read files because it
fails to properly handle requests. (PM45992)

- The HTTP server contains an error in the 'ByteRange'
filter and can allow denial of service attacks when
processing malicious requests. (PM46234)

See also :

http://www.ibm.com/support/docview.wss?uid=swg27022958
http://www-01.ibm.com/support/docview.wss?uid=swg24030916
http://www-01.ibm.com/support/docview.wss?uid=swg21512087

Solution :

Apply Fix Pack 1 for version 8.0 (8.0.0.1) or later.
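The check behind a finding like this one comes down to a version comparison: the host is affected when it reports an 8.0.x build older than 8.0.0.1. The following Python is an added example of that comparison, not Tenable's plugin code; the version strings in the sample inventory are constructed. It compares versions numerically, because a plain string comparison would wrongly rank 8.0.0.10 below 8.0.0.2 and miss or misreport patched hosts.

```python
import re

# First build that contains Fix Pack 1 for version 8.0, per the advisory.
FIXED_VERSION = (8, 0, 0, 1)


def parse_version(text):
    """Parse a dotted WebSphere version string such as '8.0.0.1' into a
    4-tuple of ints, padding missing components with zeros ('8.0' -> (8, 0, 0, 0)).
    Raises ValueError on anything that is not a dotted sequence of integers."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+)*", text):
        raise ValueError("not a dotted numeric version: %r" % text)
    parts = [int(p) for p in text.split(".")]
    parts.extend([0] * (4 - len(parts)))
    return tuple(parts[:4])


def is_affected(version):
    """True when the reported version is an 8.0.x build older than 8.0.0.1.
    Other release streams (7.0, 8.5, ...) are out of scope for this advisory
    and return False rather than being judged here."""
    v = parse_version(version)
    return v[:2] == (8, 0) and v < FIXED_VERSION


def affected_hosts(inventory):
    """Given a mapping of host -> reported WebSphere version, return the
    sorted list of hosts that still need Fix Pack 1 (8.0.0.1)."""
    return sorted(host for host, ver in inventory.items() if is_affected(ver))


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {
        "app01.example.test": "8.0.0.0",
        "app02.example.test": "8.0.0.1",
        "app03.example.test": "8.0.0.10",
        "app04.example.test": "8.0",
        "legacy.example.test": "7.0.0.19",
    }
    for host in affected_hosts(sample):
        print("%s: WebSphere %s is below 8.0.0.1, apply Fix Pack 1"
              % (host, sample[host]))
```

Note that a bare "8.0" banner is treated as 8.0.0.0 and therefore flagged; when the installed fix pack cannot be determined from the banner, confirming it from the server's own version report is the safer course than assuming it is patched.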

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true