IBM WebSphere Application Server 7.0 < Fix Pack 5

Medium Nessus Plugin ID 40823

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote application server is affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities :

 - Non-standard HTTP methods are allowed. (PK73246)

 - If the admin console is directly accessed from HTTP, the console fails to redirect the connection to a secure login page. (PK77010)

 - An error in Single Sign-on (SSO) with SPNEGO implementation could allow a remote attacker to bypass security restrictions. (PK77465)

 - 'wsadmin' is affected by a security exposure. (PK77495)

- Security flag 'isSecurityEnabled' is incorrectly set after migrating from VMM. (PK78134)

 - Use of insecure password obfuscation algorithm by Web services could result in weaker than expected security provided the client module specifies a password in ibm-webservicesclient-bind.xmi and target environment has custom password encryption enabled. (PK79275)

 - After upgrading from WebSphere Application Server V6.1 to V7.0 with tracing enabled, an attacker may be able view sensitive information by viewing the trace files.
 (PK80337)

- If CSIv2 Security is configured with Identity Assertion, it may be possible for a remote attacker to bypass security restrictions. (PK83097)

 - New applications deployed in WebSphere Application Server for z/OS prior to 1.8 are saved on the file system with insecure privileges resulting in disclosure of sensitive information. (PK83308)

 - Configservice APIs could display sensitive information.
 (PK84999)

 - Vulnerabilities in Apache HTTP server could allow a local user to gain elevated privileges. (PK86232)

 - A error in 'wsadmin' could allow a remote attacker to bypass security restrictions. (PK86328)
- A vulnerability in portlet serving enable parameter could allow an attacker to bypass security restrictions and gain unauthorized access to the application. (PK89385)

Solution

Apply Fix Pack 5 (7.0.0.5) or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7005

Plugin Details

Severity: Medium

ID: 40823

File Name: websphere_7_0_0_5.nasl

Version: 1.13

Type: remote

Family: Web Servers

Published: 2009/08/31

Updated: 2018/08/06

Dependencies: 57034

Risk Information

Risk Factor: Medium

VPR Score: 6.7

CVSS v2.0

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2009/07/27

Vulnerability Publication Date: 2009/07/27

Reference Information

CVE: CVE-2009-0899, CVE-2009-1195, CVE-2009-1898, CVE-2009-1899, CVE-2009-1900, CVE-2009-1901, CVE-2009-2085, CVE-2009-2087, CVE-2009-2088, CVE-2009-2089, CVE-2009-0899, CVE-2009-2090, CVE-2009-2091, CVE-2009-2092

BID: 36153, 36154, 36155, 36156, 36157, 36158, 36163

CWE: 16, 200, 255, 264, 287