IBM WebSphere Application Server 7.0 < Fix Pack 13 Multiple Vulnerabilities

high Nessus Plugin ID 50561

Synopsis

The remote application server is affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 7.0 before Fix Pack 13 appears to be running on the remote host. As such, it is reportedly affected by the following vulnerabilities :

- A cross-site scripting vulnerability exists in the administrative console due to improper filtering on input values. (PM14251)

- A cross-site scripting vulnerability exists in the Integrated Solution Console due to improper filtering on input values. (PM11777)

- An unspecified cross-site request forgery vulnerability exists in the administrative console for WebSphere Application Server. (PM18909)

- An unspecified cross-site scripting vulnerability exists in the administrative console for WebSphere Application Server for z/OS. (PM17046)

- An error exists in JAX-WS WS-Security, which mishandles timestamps in the WS-SecurityPolicy specification.
(PM16014)

- An error exists in the JAX-WS API, which allows an attacker to cause a denial of service by sending a specially crafted JAX-WS request. The server will begin sending corrupt data to its clients. (PM13777)

- Apache Axis2/Java, used by WebSphere, is vulnerable to denial of service and information disclosure attacks due to an error in its XML DTD handling processes. (PM14844)

- An unspecified error exists in the administration console that can cause high CPU usage and denial of service when specially crafted URLs are requested.
(PM11807)

Solution

If using WebSphere Application Server, apply Fix Pack 13 (7.0.0.13) or later.

Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21404665

http://www-01.ibm.com/support/docview.wss?uid=swg27009778

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27014463#70013

https://issues.apache.org/jira/browse/AXIS2-4450

Plugin Details

Severity: High

ID: 50561

File Name: websphere_7_0_0_13.nasl

Version: 1.14

Type: remote

Family: Web Servers

Published: 11/11/2010

Updated: 8/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/5/2010

Vulnerability Publication Date: 8/26/2010

Exploitable With

CANVAS (D2ExploitPack)

Elliot (Apache Axis2 File Disclosure)

Reference Information

CVE: CVE-2010-0781, CVE-2010-0783, CVE-2010-0784, CVE-2010-0785, CVE-2010-0786, CVE-2010-1632, CVE-2010-3186, CVE-2010-4220

BID: 40976, 42801, 43425, 43874, 43875, 44670, 44862, 44875

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

Secunia: 40252, 40279, 41173, 41722, 42136