IBM WebSphere Application Server < 220.127.116.11 Multiple Vulnerabilities
Medium Nessus Plugin ID 39450
SynopsisThe remote application server is affected by multiple vulnerabilities.
DescriptionIBM WebSphere Application Server 6.1 before Fix Pack 25 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities :
- Non-standard HTTP methods are allowed. (PK73246)
- An error in Single Sign-on (SSO) with SPNEGO implementation could allow a remote attacker to bypass security restrictions. (PK77465)
- 'wsadmin' is affected by a security exposure. (PK77495)
- Security flag 'isSecurityEnabled' is incorrectly set after migrating from VMM. (PK78134)
- In certain cases sensitive information may appear in migration trace. (PK78134)
- Use of insecure password obfuscation algorithm by Web services could result in weaker than expected security provided the client module specifies a password in ibm-webservicesclient-bind.xmi and target environment has custom password encryption enabled. (PK79275)
- Sensitive information might appear in trace files.
- XML digital signature is affected by a security issue.
- If CSIv2 Security is configured with Identity Assertion, it may be possible for a remote attacker to bypass security restrictions. (PK83097)
- IBM Stax XMLStreamWriter may write to an incorrect XML file, and hence is susceptible to a XML fuzzing attack.
- Configservice APIs could display sensitive information.
- A security bypass caused by inbound requests that lack a SOAPAction or WS-Addressing Action. (PK72138)
SolutionIf using WebSphere Application Server, apply Fix Pack 25 (18.104.22.168) or later.
Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.