IBM WebSphere Application Server 7.0 < Fix Pack 29 Multiple Vulnerabilities

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

The remote application server is potentially affected by multiple

Description :

IBM WebSphere Application Server 7.0 before Fix Pack 29 appears to be
running on the remote host. It is, therefore, potentially affected by
the following vulnerabilities :

- The TLS protocol in the GSKIT component is vulnerable
to a plaintext recovery attack. (CVE-2013-0169, PM85211)

- The WS-Security run time contains a flaw that could be
triggered by a specially crafted SOAP request to execute
arbitrary code. (CVE-2013-0482, PM76582)

- A denial of service vulnerability exists, caused by a
buffer overflow on localOS registry when using WebSphere
Identity Manager (WIM). (CVE-2013-0541, PM74909)

- An unspecified cross-site scripting vulnerability exists
related to the administrative console. (CVE-2013-0542,
CVE-2013-2967, PM78614, PM81846)

- A validation flaw exists relating to 'Local OS
registries' that may allow a remote attacker to bypass
security. (CVE-2013-0543, PM75582)

- A directory traversal vulnerability exists in the
administrative console via the 'PARAMETER' parameter.
(CVE-2013-0544, PM82468)

- A flaw exists relating to OAuth that could allow a
remote attacker to obtain someone else's credentials.
(CVE-2013-0597, PM85834, PM87131)

- A flaw exists relating to OpenJPA that is triggered
during deserialization that may allow a remote attacker
to write to the file system and potentially execute
arbitrary code. (CVE-2013-1768, PM86780, PM86786,
PM86788, PM86791)

- An information disclosure issue exists relating to
incorrect caching by the administrative console.
(CVE-2013-2976, PM79992)

- A user-supplied input validation error exists that could
allow cross-site request (CSRF) attacks to be carried
out. (CVE-2013-3029, PM88746)

See also :

Solution :

If using WebSphere Application Server, apply Fix Pack 29 (
or later.

Otherwise, if using embedded WebSphere Application Server packaged
with Tivoli Directory Server, apply the latest recommended eWAS fix

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now