IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities

High Nessus Plugin ID 74235

Synopsis

The remote application server may be affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 8.5 prior to Fix Pack 8.5.5.2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities :

- Numerous errors exist related to the included IBM SDK for Java (based on the Oracle JDK) that could allow denial of service attacks and information disclosure.
(CVE-2013-5372, CVE-2013-5780, CVE-2013-5803)

- User input validation errors exist related to the Administrative console and the Oauth component that could allow cross-site scripting attacks.
(CVE-2013-6725 / PM98132, CVE-2013-6323 / PI04777, CVE-2013-6738 / PI05661)

- An error exists due to a failure to properly handle by web services endpoint requests that could allow denial of service attacks.
(CVE-2013-6325 / PM99450, PI08267)

- An error exists in the included IBM Global Security Kit related to SSL handling that could allow denial of service attacks. (CVE-2013-6329 / PI05309)

- A flaw exists with the 'mod_dav' module that is caused when tracking the length of CDATA that has leading white space. A remote attacker with a specially crafted DAV WRITE request can cause the service to stop responding. (CVE-2013-6438 / PI09345)

- An error exists in the included IBM Global Security Kit related to malformed X.509 certificate chain handling that could allow denial of service attacks.
(CVE-2013-6747 / PI09443)

- An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads that could allow denial of service attacks. (CVE-2014-0050 / PI12648, PI12926)

- An unspecified error exists that could allow file disclosures to remote unauthenticated attackers.
(CVE-2014-0823 / PI05324)

- An unspecified error exists related to the Administrative console that could allow a security bypass. (CVE-2014-0857 / PI07808)

- An error exists related to a web server plugin and retrying failed POST requests that could allow denial of service attacks. (CVE-2014-0859 / PI08892)

- An error exists related to the Proxy and ODR components that could allow information disclosure. (CVE-2014-0891 / PI09786)

- An unspecified error exists related to the 'Liberty Profile' that could allow information disclosure.
(CVE-2014-0896 / PI10134)

Solution

Apply Fix Pack 8.5.5.2 for version 8.5 (8.5.5.0) or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg24037250

http://www-01.ibm.com/support/docview.wss?uid=swg27036319#8552

https://www-304.ibm.com/support/docview.wss?uid=swg21669554

http://www-01.ibm.com/support/docview.wss?uid=swg21655990

Plugin Details

Severity: High

ID: 74235

File Name: websphere_8_5_5_2.nasl

Version: 1.11

Type: remote

Family: Web Servers

Published: 2014/05/29

Updated: 2018/08/06

Dependencies: 57034

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/04/28

Vulnerability Publication Date: 2013/10/16

Reference Information

CVE: CVE-2013-5372, CVE-2013-5780, CVE-2013-5803, CVE-2013-6323, CVE-2013-6325, CVE-2013-6329, CVE-2013-6438, CVE-2013-6725, CVE-2013-6738, CVE-2013-6747, CVE-2014-0050, CVE-2014-0823, CVE-2014-0857, CVE-2014-0859, CVE-2014-0891, CVE-2014-0896

BID: 63082, 63115, 63224, 64249, 65096, 65099, 65156, 65400, 66303, 67051, 67327, 67328, 67329, 67335, 67579, 67720

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990