IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote application server is potentially affected by multiple
vulnerabilities.

Description :

IBM WebSphere Application Server 7.0 before Fix Pack 31 appears to be
running on the remote host. It is, therefore, potentially affected by
the following vulnerabilities :

- A flaw in the mod_rewrite module of Apache HTTP Server
potentially allows a remote attacker to execute
arbitrary code via HTTP. (CVE-2013-1862, PM87808)

- An XSS vulnerability exists in IBM WebSphere Application
Server due to a failure to sanitize user-supplied input
in the Administrative console. (CVE-2013-4005, PM88208)

- A denial of service vulnerability exists when using the
optional mod_dav module. (CVE-2013-1896, PM89996)

- A denial of service vulnerability exists due the use of
Apache Ant to compress files. (CVE-2012-2098, PM90088)

- A privilege escalation vulnerability exists on IBM
WebSphere Application Servers using WS-Security that are
configured for XML Digital Signature using trust store.
(CVE-2013-4053, PM90949, PM91521)

- An XSS vulnerability exists in IBM WebSphere Application
Server caused by a failure to sanitize user-supplied
input in the UDDI Administrative console.
(CVE-2013-4052, PM91892)

- A privilege escalation vulnerability exists in IBM
WebSphere Application Servers that have been migrated
from version 6.1 or later. (CVE-2013-5414, PM92313)

- An XSS vulnerability exists in IBM WebSphere Application
Server due to a failure to sanitize application HTTP
response data. (CVE-2013-5417, PM93323, PM93944)

- An XSS vulnerability exists in IBM WebSphere Application
Server due to a failure to sanitize user-supplied input
in the Administrative console. (CVE-2013-5418, PM96477)

- An XSS vulnerability exists in IBM WebSphere Application
Server due to a failure to sanitize user-supplied input
in the Administrative console. (CVE-2013-6725, PM98132)

- An information disclosure vulnerability exists in IBM
WebSphere Application Servers configured to use static
file caching using the simpleFileServlet.
(CVE-2013-6330, PM98624)

- A denial of service vulnerability exists in IBM
WebSphere Application Server due to a failure to
properly handle requests by a web services endpoint.
(CVE-2013-6325, PM99450)

- An information disclosure vulnerability exists in the
IBM SDK for Java that ships with IBM WebSphere
Application Server related to JSSE. (CVE-2013-5780)

- A denial of service vulnerability exists in the IBM SDK
for Java that ships with IBM WebSphere Application
Server related to XML. (CVE-2013-5372)

- A denial of service vulnerability exists in the IBM SDK
for Java that ships with IBM WebSphere Application
Server related to JSSE. (CVE-2013-5803)

See also :

http://www.nessus.org/u?d2f64a49
https://www-304.ibm.com/support/docview.wss?uid=swg21661323
https://www-304.ibm.com/support/docview.wss?uid=swg21655990

Solution :

If using WebSphere Application Server, apply Fix Pack 31 (7.0.0.31)
or later.

Otherwise, if using embedded WebSphere Application Server packaged
with Tivoli Directory Server, apply the latest recommended eWAS fix
pack.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false