IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities

medium Nessus Plugin ID 38978

Synopsis

The remote application server is affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 6.0.2 before Fix Pack 35 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities:

- Non-standard HTTP methods are allowed. (PK73246)

- A login using the LTPAToken cookie may result in extending the LTPAToken expiration time beyond the configured LTPAToken timeout value. (PK75919)

- Cross-site scripting vulnerabilities exist in sample applications. (PK76720)

- If the admin console is accessed directly over HTTP, the console fails to redirect the connection to a secure (HTTPS) login page. (PK77010)

- 'wsadmin' is affected by a security exposure. (PK77495)

- XML digital signature is affected by a security issue. (PK80596)

- In certain cases, application source files are exposed. (PK81387)

- Configservice APIs could display sensitive information. (PK84999)

Solution

Apply Fix Pack 35 (6.0.2.35) or later.

See Also

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27006876#60235

Plugin Details

Severity: Medium

ID: 38978

File Name: websphere_6_0_2_35.nasl

Version: 1.17

Type: remote

Family: Web Servers

Published: 6/2/2009

Updated: 8/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Ease: No known exploits are available

Patch Publication Date: 6/1/2009

Reference Information

CVE: CVE-2009-1898, CVE-2009-1899, CVE-2009-1900, CVE-2009-1901

BID: 35405

CWE: 200

Secunia: 35301