IBM WebSphere Application Server 6.1 < Multiple Vulnerabilities

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.

Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.1 before Fix Pack 41 appears to be
running on the remote host. As such, it is potentially affected by
the following vulnerabilities:

- A cross-site scripting vulnerability via vectors
related to web messaging. (CVE-2011-5065)

- A cross-site scripting vulnerability in the Installation
Verification Test (IVT) in the Install component.

- The SibRaRecoverableSiXaResource class in the Default
Messaging Component does not properly handle a Service
Integration Bus (SIB) dump operation involving the
Failure Data Capture (FFDC) introspection code. This
can allow local users to obtain sensitive information by
reading the FFDC log file. (CVE-2011-5066)

- A directory traversal vulnerability in the
administration console that allows remote attackers to
read arbitrary files on the host. (CVE-2011-1359)

- A potential denial of service triggered by malicious HTTP Range
requests. (CVE-2011-3192)

- An unspecified vulnerability in the Web Services
Security component when enabling WS-Security for a
JAX-WS application. (CVE-2011-1377)

See also :

Solution :

If using WebSphere Application Server, apply Fix Pack 41 or later.

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.
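The version comparison behind the solution above, as an added Python example (not Tenable's plugin code): it assumes WebSphere reports its level as major.minor.service.fixpack, that Fix Pack 41 of the 6.1 stream is 6.1.0.41, and that the inventory below is constructed sample data.

```python
import re
from typing import Dict, Optional, Tuple

# Assumption: Fix Pack 41 of the 6.1 stream is reported as level 6.1.0.41,
# the first level this advisory treats as fixed.
FIXED_6_1 = (6, 1, 0, 41)


def parse_websphere_version(version: str) -> Optional[Tuple[int, int, int, int]]:
    """Parse a WebSphere level string into a 4-tuple.

    Missing trailing components count as 0, so "6.1" compares as 6.1.0.0.
    Returns None on input that is not a version at all.
    """
    m = re.fullmatch(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:\.(\d+))?\s*", version or "")
    if not m:
        return None
    return tuple(int(g) if g is not None else 0 for g in m.groups())


def is_affected(version: str) -> Optional[bool]:
    """True when the level is in the 6.1 stream and below Fix Pack 41.

    Other streams (e.g. 7.0) are outside this check's scope and return False.
    Unparsable input returns None so the caller reports "unknown", not "clean".
    """
    v = parse_websphere_version(version)
    if v is None:
        return None
    if v[:2] != (6, 1):
        return False
    return v < FIXED_6_1


def triage(detected_levels: Dict[str, str]) -> Dict[str, str]:
    """Map each host to a status string for a detected-level inventory."""
    out = {}
    for host, level in detected_levels.items():
        r = is_affected(level)
        out[host] = "unknown" if r is None else ("affected" if r else "not affected")
    return out


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = {
    "app01": "6.1.0.37",   # below Fix Pack 41
    "app02": "6.1.0.41",   # exactly Fix Pack 41
    "app03": "6.1",        # fix-pack level not reported: treated as 6.1.0.0
    "app04": "7.0.0.19",   # different stream, out of scope here
    "app05": "n/a",        # banner missing: do not assume clean
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```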

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 57607

Bugtraq ID: 49362

CVE ID: CVE-2011-1359