IBM WebSphere Application Server 7.0 < Fix Pack 25 Multiple Vulnerabilities

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote application server may be affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 7.0 before Fix Pack 25 appears to be
running on the remote host. As such, it is potentially affected by the
following vulnerabilities :

- Several errors exist related to SSL/TLS that can allow
an attacker to carry out denial of service attacks
against the application. (CVE-2012-2190, CVE-2012-2191,
PM66218)

- Unspecified cross-site scripting issues exist related to
the administrative console. (CVE-2012-3293, PM60839)

- An unspecified error in the 'ISC Console' can allow a
remote attacker to take over a valid user's session.
(CVE-2012-3304, PM54356)

- An unspecified directory traversal error exists that
can allow remote attackers to overwrite files outside
the application's deployment directory. (CVE-2012-3305,
PM62467)

- When multi-domain support is enabled, the application
does not properly purge passwords from the
authentication cache. (CVE-2012-3306, PM66514)

- An error exists related to 'Federated Repositories',
'IIOP' connections, 'CBIND' checking and 'Optimized
Local Adapters' that can allow a remote attacker to
bypass security restrictions. Note that this issue
affects the application when running on z/OS.
(CVE-2012-3311, PM61388)

- The fix contained in PM44303 contains an error that
can allow an authenticated attacker to bypass security
restrictions and gain administrative access to the
application. (CVE-2012-3325, PM71296)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21404665
http://www-01.ibm.com/support/docview.wss?uid=swg27009778
http://www.nessus.org/u?bad06dcb
http://www.nessus.org/u?58770565
http://www.nessus.org/u?80adf3bd
http://www.nessus.org/u?fcf28d02
https://www-304.ibm.com/support/docview.wss?uid=swg21618044
https://www-304.ibm.com/support/docview.wss?uid=swg21620517
https://www-304.ibm.com/support/docview.wss?uid=swg21620518
http://www-01.ibm.com/support/docview.wss?uid=swg24033267
http://www-01.ibm.com/support/docview.wss?uid=swg27014463#70025
http://www-01.ibm.com/support/docview.wss?uid=swg21611313

Solution :

If using WebSphere Application Server, apply Fix Pack 25 (7.0.0.25) or
later.

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false