IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote application server may be affected by multiple
vulnerabilities.

Description :

IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5 appears to
be running on the remote host and is, therefore, potentially affected by
the following vulnerabilities :

- The TLS protocol in the GSKIT component is vulnerable
to a plaintext recovery attack. (CVE-2013-0169, PM85211)

- The WS-Security run time contains a flaw that could be
triggered by a specially crafted SOAP request to execute
arbitrary code. (CVE-2013-0482, PM76582)

- A flaw exists relating to OAuth that could allow a
remote attacker to obtain someone else's credentials.
(CVE-2013-0597, PM85834, PM87131)

- A flaw exists relating to OpenJPA that is triggered
during deserialization, which could allow a remote
attacker to write to the file system and potentially
execute arbitrary code. (CVE-2013-1768, PM86780,
PM86786, PM86788, PM86791)

- An unspecified cross-site scripting vulnerability exists
related to the administrative console. (CVE-2013-2967,
PM78614)

- An unspecified vulnerability exists. (CVE-2013-2975)

- An information disclosure vulnerability exists relating
to incorrect caching by the administrative console.
(CVE-2013-2976, PM79992)

- An improper process initialization flaw exists on UNIX
platforms that could allow a local attacker to execute
arbitrary commands. (CVE-2013-3024, PM86245)

See also :

https://www-304.ibm.com/support/docview.wss?&uid=swg21639553
http://www.nessus.org/u?aa3b02e5

Solution :

Apply Fix Pack 8.5.5 for version 8.5 (8.5.5.0) or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false