Security Advisory SA37221 - IBM WebSphere Application Server Multiple Vulnerabilities

Secunia

Blog

Secunia Advisory SA37221

IBM WebSphere Application Server Multiple Vulnerabilities

Secunia Advisory

SA37221

Release Date

2009-11-02

Last Update

2009-12-16

Popularity

5,095 views

Comments

0 comments

Criticality level

Less critical

Impact

Cross Site Scripting
Exposure of sensitive information
DoS

Where

From remote

Authentication level

This information is available to Secunia VIM customers

Report reliability

This information is available to Secunia VIM customers

Solution Status

Vendor Patch

Systems affected

This information is available to Secunia VIM customers

Approve distribution

This information is available to Secunia VIM customers

Software:

IBM WebSphere Application Server 7.0.x

Secunia CVSS Score

This information is available to Secunia VIM Customers

CVE Reference(s)

Description

Some vulnerabilities have been reported in IBM WebSphere Application Server, which can be exploited by malicious users to disclose potentially sensitive information or cause a DoS (Denial of Service), and by malicious people to potentially disclose sensitive information, conduct cross-site scripting and cross-site request forgery attacks, or cause a DoS.

1) Some vulnerabilities in APR-util can be exploited by malicious users and malicious people to disclose potentially sensitive information or cause a DoS.

For more information:
SA35284

2) An unspecified error in the "Apr_xml_*" interface can be exploited to cause a DoS.

3) The administrative console allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform normally restricted actions if a logged-in user visits a malicious web site.

4) An error in the included web server can be exploited to e.g. cause a high CPU load via specially crafted HTTP requests.

For more information:
SA35781

5) Some vulnerabilities in IBM HTTP Server can be exploited by malicious users and malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

For more information:
SA36619
SA37050

6) Input passed to the administrative console is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

7) An error in the Java Naming and Directory Interface (JNDI) can be exploited to query UserRegistry objects.

Solution
Update to Fix Pack 7 (7.0.0.7).

Provided and/or discovered by
Reported by the vendor.

Changelog
Further details available to Secunia VIM customers

Original Advisory
IBM (PK92057, PK91414):
http://www-01.ibm.com/support/docview.wss?uid=swg27014463

IBM (PK88341, PK88342):
http://www-01.ibm.com/support/docview.wss?uid=swg1PK99478

IBM (PK87176):
http://www-01.ibm.com/support/docview.wss?uid=swg1PK99477

IBM (PK91361):
http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480

IBM ISS X-Force:
http://xforce.iss.net/xforce/xfdb/54228
http://xforce.iss.net/xforce/xfdb/54229

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: IBM WebSphere Application Server Multiple Vulnerabilities

No posts yet

Secunia Advisory SA37221

IBM WebSphere Application Server Multiple Vulnerabilities

Do you have additional information related to this advisory?

You must be logged in to post a comment.

Secunia Customer Login

Not a customer already?