IBM WebSphere Application Server 6.1 < Multiple Vulnerabilities

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.

Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 6.1 before Fix Pack 43 appears to be
running on the remote host. As such, it is potentially affected by
the following vulnerabilities :

- An unspecified error exists related to WS-Security-enabled
JAX-RPC applications. (PM45181)

- Insecure file permissions are applied to the files in
the '$WAS_HOME/systemapps/isclite.ear' and
'$WAS_HOME/bin/client_ffdc' directories. These
permissions can allow a local attacker to read or write
files in those directories. Note that this issue only
affects the application on the IBM i operating system.

- An error exists in the class
'' that can
allow old passwords to still provide access. This error
is triggered when passwords are updated by using IBM
Tivoli Directory Server. (PM52049)

- Unspecified cross-site scripting issues exist related to
the administrative console. (PM52274, PM53132)

- SSL client certificate authentication can be bypassed
when all of the following are true (PM52351) :

- SSL is enabled with 'SSLEnable'
- SSL client authentication is enabled with
'SSLClientAuth required_reset'. This is not enabled
by default. Also note, 'SSLClientAuth required' is
not affected
- SSLv2 has not been disabled with
'SSLProtocolDisable SSLv2'
- 'SSLClientAuthRequire' is not enabled

- An issue related to the weak randomization of Java hash
data structures can allow a remote attacker to cause a
denial of service with maliciously crafted POST requests.
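As an added example (not code from the Tenable plugin or from IBM), the following Python check evaluates one scope of an IBM HTTP Server configuration (for example one VirtualHost block) against the four PM52351 preconditions listed above, so an administrator can confirm whether the 'SSLClientAuth required_reset' bypass applies before the fix pack is installed. Directive names come from the list above; the two sample configurations and their file paths are constructed.

```python
import re

# Apache-style directive: a name, then optional arguments (names are case-insensitive).
DIRECTIVE_RE = re.compile(r"^(\w+)(?:\s+(.*))?$")

def parse_directives(config_text):
    """Yield (lowercased name, [args]) for each directive in one configuration scope.
    Comment lines, blank lines and section tags such as <VirtualHost> are skipped."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "<")):
            continue
        m = DIRECTIVE_RE.match(line)
        if m:
            yield m.group(1).lower(), (m.group(2) or "").split()

def bypass_conditions(config_text):
    """Evaluate the four PM52351 preconditions; a key is True when that precondition holds."""
    names, client_auth, disabled = set(), None, set()
    for name, args in parse_directives(config_text):
        names.add(name)
        if name == "sslclientauth" and args:
            client_auth = args[0].lower()  # first token: none|optional|required|required_reset
        elif name == "sslprotocoldisable":
            disabled.update(a.lower() for a in args)
    return {
        "ssl_enabled": "sslenable" in names,
        "client_auth_required_reset": client_auth == "required_reset",
        "sslv2_not_disabled": "sslv2" not in disabled,
        "no_sslclientauthrequire": "sslclientauthrequire" not in names,
    }

def is_exposed(config_text):
    """True only when every precondition holds, i.e. the bypass described for PM52351 applies."""
    return all(bypass_conditions(config_text).values())

# Constructed sample scopes (not real deployments); the key database path is a placeholder.
VULNERABLE_CONF = """
<VirtualHost *:443>
  SSLEnable
  SSLClientAuth required_reset
  KeyFile /placeholder/key.kdb
</VirtualHost>
"""
HARDENED_CONF = """
<VirtualHost *:443>
  SSLEnable
  SSLProtocolDisable SSLv2 SSLv3
  SSLClientAuth required
</VirtualHost>
"""
```

Disabling SSLv2 or switching to 'SSLClientAuth required' each removes one precondition, which is why the hardened sample is reported as not exposed.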

See also :

Solution :

If using WebSphere Application Server, apply Fix Pack 43 or later.

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true