IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple Vulnerabilities

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote application server may be affected by multiple
vulnerabilities.

Description :

The remote host appears to be running IBM WebSphere Application Server
8.5 prior to Fix Pack 8.5.5.3. It is, therefore, affected by the
following vulnerabilities :

- A flaw exists in the Elliptic Curve Digital Signature
Algorithm implementation which could allow a malicious
process to recover ECDSA nonces.
(CVE-2014-0076, PI19700)

- A denial of service flaw exists in the 'mod_log_config'
module when logging a cookie with an unassigned value. A
remote attacker, using a specially crafted request, can
cause the program to crash. (CVE-2014-0098, PI13028)

- A denial of service flaw exists within the IBM Security
Access Manager for Web with the Reverse Proxy component.
This could allow a remote attacker, using specially
crafted TLS traffic, to cause the application on the
system to become unresponsive. (CVE-2014-0963, PI17025)

- An information disclosure flaw exists when handling SOAP
responses. This could allow a remote attacker to
potentially gain access to sensitive information.
(CVE-2014-0965, PI11434)

- An information disclosure flaw exists. A remote
attacker, using a specially crafted URL, could gain
access to potentially sensitive information.
(CVE-2014-3022, PI09594)

- A flaw exists within the 'addFileRegistryAccount'
Virtual Member Manager SPI Admin Task, which creates
improper accounts. This could allow a remote attacker
to bypass security checks. (CVE-2014-3070, PI16765)

- An unspecified information disclosure flaw exists. This
could allow a remote attacker to gain access to sensitive
information. (CVE-2014-3083, PI17768)

- An information disclosure flaw exists within the
'share/classes/sun/security/rsa/RSACore.java' class,
related to 'RSA blinding', that is exposed by measuring
timing differences during operations using private keys.
This could allow a remote attacker to gain information
about used keys. (CVE-2014-4244)

- A flaw exists within the 'validateDHPublicKey' function
in the 'share/classes/sun/security/util/KeyUtil.java'
class which is triggered during the validation of
Diffie-Hellman public key parameters. This could allow a
remote attacker to recover a key. (CVE-2014-4263)

- A flaw exists within the Load Balancer for IPv4
Dispatcher component. This could allow a remote attacker
to crash the Load Balancer. (CVE-2014-4764, PI21189)

- A flaw exists within the Liberty Repository when
installing features. This could allow an authenticated
remote attacker to install and execute arbitrary code.
(CVE-2014-4767, PI21284)

See also :

http://www.nessus.org/u?6f6f4bc1
http://www-01.ibm.com/support/docview.wss?uid=swg24038133
http://www-01.ibm.com/support/docview.wss?uid=swg27036319#8553
https://www-304.ibm.com/support/docview.wss?uid=swg21681249
https://www-304.ibm.com/support/docview.wss?uid=swg21680418

Solution :

Apply Fix Pack 8.5.5.3 for version 8.5 (8.5.0.0) or later.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false
