Announcement Announcement Module
Collapse
No announcement yet.
Advisory - Multiple Vulnerabilities in IBM Websphere Server Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Advisory - Multiple Vulnerabilities in IBM Websphere Server

    Multiple Vulnerabilities in IBM Websphere Server


    Severity Rating: High

    Systems Affected
    • WebSphere Application Server for Computer Grid version 8
    • IBM WebSphere Application Servers 6.1, 7, 8, 8.5 (including Full and Liberty Profile)

    Components Affected
    • IBM HTTP Server
    • Content Manager On Demand version 8.5 and 9.0
    • IBM SmartCloud Analytics Log Analysis 1.1 and 1.2
    • Apache Commons FileUpload versions prior to 1.3.1

    Overview
    Multiple vulnerabilities have been reported in IBM WebSphere Web Application Server (WAS) which could allow a remote attacker to bypass certain access restrictions, cause XSS attacks, denial of service attacks and potential information disclosure.

    Description

    1. IBM WebSphere Extended Deployment Compute Grid Information Disclosure Vulnerability

    This vulnerability is present in IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3. If successfully exploited, it could allow a remote, authenticated attacker to gather sensitive information, which may further result in bypassing of the implemented access restrictions.

    2. IBM WebSphere Application Server Cross Site Scripting Vulnerability
    These vulnerabilities are caused due to improper input sanitization in the Administrative Console. A remote attacker, with admin privileges, could exploit these vulnerabilities by creating a specially crafted URL to inject malicious script into the victim's Web browser, thereby launching Cross-site scripting attack.

    3. IBM WebSphere Application Server Denial of Service Vulnerability
    This vulnerability is caused due to improper handling of requests by a web services endpoint in IBM WebSphere Application Server. A remote attacker could exploit this vulnerability by passing a specially-crafted request and launch denial of service attack by exhausting available resources.

    4. IBM Global Security Kit Remote Denial of Service Vulnerability
    Two vulnerabilities exist in IBM Global Security Kit/GSKit. A remote attacker could exploit these vulnerabilities to cause denial of service by establishing a crafted handshake while recommencement of an SSLv2 session.

    5. IBM WebSphere Application Server Information Disclosure Vulnerability

    Two vulnerabilities exist in IBM WebSphere Application Server Full and Liberty Profile. A remote attacker could exploit these vulnerabilities by providing specially-crafted URLs and thereby view arbitrary/sensitive files.

    6. IBM SmartCloud Analytics Log Analysis Cross Site Scripting Vulnerability
    This vulnerability exists in IBM SmartCloud Analytics Log Analysis due to improper validation of user supplied input by IBM WebSphere Application Server Oauth. If successfully exploited, this vulnerability could allow a remote attacker to create a specially-crafted URL to execute script in a victim’s Web browser and launch cross-site scripting attack.

    7. IBM WebSphere Web Application Server Information Disclosure Vulnerability
    This vulnerability exists in the admin console in IBM WAS due to improper handling of user requests. A remote, authenticated attacker could successfully exploit this vulnerability to access sensitive information by supplying crafted request.

    8. IBM WebSphere Application Server Web Server Plugin Denial of Service Vulnerability
    This vulnerability exists in the web server plugin of IBM WAS which is configured to retry unsuccessful POST requests. A remote attacker could exploit this vulnerability to cause denial of service conditions and cause the application server to crash.

    9. IBM HTTP Server Denial of Service Vulnerability
    This vulnerability exists due to the optional mod_dav module, while using mod_dav add-ons, being vulnerable to buffer overflow. A remote attacker could exploit this vulnerability by swarming the buffer and thus causing denial of service.

    10. IBM HTTP Server GSKit Denial of Service Vulnerability
    This vulnerability exists due to an error in the GSKit component. A remote attacker could use a malformed certificate chain to establish an SSL/TLS connection and hence exploit this vulnerability making the server process to hang/crash.

    11. IBM WebSphere Application Server Proxy and ODR Servers Information Disclosure Vulnerability
    This vulnerability exists due to improper handling of requests by Proxy and ODR servers. A local attacker could successfully exploit this vulnerability to access sensitive information.

    12. Apache Commons FileUpload Denial Of Service Vulnerability
    This vulnerability exists due to improper checking of intended exit conditions by MultipartStream.java in Apache Commons FileUpload. A remote attacker could exploit this vulnerability via a crafted content-type, thereby causing an infinite loop, which may result in denial of service conditions.

    Solution
    Apply the appropriate fix/patch as mentioned by the vendor:-
    https://www-304.ibm.com/support/docv...id=swg21669554
    https://www-304.ibm.com/support/docv...id=swg24036723

    Vendor Information
    IBM
    http://www-01.ibm.com/support/docvie...id=swg21669554

    References
    SecurityFocus
    http://www.securityfocus.com/bid/61992
    http://www.securityfocus.com/bid/65099
    http://www.securityfocus.com/bid/65096
    http://www.securityfocus.com/bid/64249
    http://www.securityfocus.com/bid/67051
    http://www.securityfocus.com/bid/66303
    http://www.securityfocus.com/bid/65156
    http://www.securityfocus.com/bid/67014
    http://www.securityfocus.com/bid/65400

    Secunia
    http://secunia.com/advisories/cve_re...CVE-2013-4039/
    http://secunia.com/advisories/cve_re...CVE-2013-6725/
    http://secunia.com/advisories/cve_re...CVE-2013-6325/
    http://secunia.com/advisories/cve_re...CVE-2013-6329/
    http://secunia.com/advisories/cve_re...CVE-2013-6738/
    http://secunia.com/advisories/cve_re...CVE-2013-6438/
    http://secunia.com/advisories/cve_re...CVE-2014-0892/
    http://secunia.com/advisories/cve_re...CVE-2014-0050/

  • #2

    Denial of Service Vulnerability in IBM WebSphere Application Server

    Severity Rating: Medium

    Systems Affected
    • IBM WebSphere Application Server Version 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43

    Overview
    A vulnerability has been reported in IBM WebSphere Application Server which could be exploited by a remote attacker to cause denial of service conditions.

    Description
    This vulnerability is caused due to improper handling of heartbleed messages. A remote attacker could exploit this vulnerability via specially crafted Heartbeat messages, hence cause denial of service conditions for genuine users.

    Solution
    Install updated software as mentioned by the vendor:-
    http://www-01.ibm.com/support/docvie...id=swg21671835

    Vendor Information
    IBM
    http://www-01.ibm.com/support/docvie...id=swg21671835

    References
    Secunia
    http://secunia.com/advisories/58438/

    SecurityFocus
    http://www.securityfocus.com/bid/67322

    Comment


    • #3
      Multiple IBM Eclipse Help System (IEHS) vulnerabilities in IBM WebSphere Portal

      Severity Rating: Medium

      Systems Affected

      • IBM WebSphere Portal 6.x, 7.x & 8.x
      • IBM Eclipse Help System

      Overview

      Multiple IBM Eclipse Help System (IEHS) vulnerabilities have been reported in IBM WebSphere Portal which could be exploited by remote attacker to obtain sensitive information, cause spoofing and cross-site scripting attacks.

      Description

      1. An open-redirection vulnerability in IBM Eclipse Help System

      This vulnerability exists in IBM WebSphere Portal due to an open-redirect weakness in the Eclipse Help System which could be exploited by remote attacker to provide a link which redirects victim to arbitrary web sites.

      Successful exploitation of this vulnerability could lead to phishing attacks via unspecified vectors

      2. Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS)

      This vulnerability exists in IBM Eclipse Help System deferredView.jsp script which is vulnerable to Cross-site scripting (XSS) due to improper validation of user-supplied input.
      This could allow remote attacker to trick victim to insert malformed URL address into the browser, or click on a malformed URL link.

      Successful exploitation of this vulnerability could allow remote attacker to steal the victim's cookie-based authentication credentials.

      Note: The victim has to click a malicious link.

      3. Cross-Site Scripting (XSS) vulnerability in IBM Eclipse Help System

      This vulnerability is present in IBM Eclipse Help System due to improper validation of user-supplied input which could allow remote attacker to bypass certain security restrictions by executing arbitrary script code in the browser of an unsuspecting user


      Successful exploitation of this vulnerability may allow the remote attacker to steal cookie-based authentication credentials and which may lead to other attacks.

      Note: The victim has to click a malicious link.


      4. Information Disclosure Vulnerability in IBM Eclipse Help System (IEHS)

      This vulnerability exists in IBM Eclipse Help System which could allow a remote attacker to obtain sensitive information by injecting specially-crafted URL to view source code on the help system server.

      5. Information Disclosure Vulnerability in IBM Eclipse Help System (IEHS)

      This vulnerability exists in IBM Eclipse Help System which could allow a remote attacker to send specially crafted URL that could cause an error message to be returned in the browser that may contain sensitive information.

      Successful exploitation of this vulnerability may allow the remote attacker to obtain sensitive information.

      6. Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS)

      This vulnerability exists in IBM Eclipse Help System workingSet.jsp script which is vulnerable to Cross-site scripting (XSS) due to improper validation of user-supplied input. This could allow remote attacker to
      trick victim to insert malformed URL address into the browser, or click on a malformed URL link.

      Successful exploitation of this vulnerability could allow remote attacker to steal the victim's cookie-based authentication credentials and launch other attacks.

      Note: The victim has to click a malicious link.

      7. Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System (IEHS)

      This vulnerability exists in IBM Eclipse Help System due to improper validation of user-supplied input. This could allow remote attacker to send specially-crafted URL to execute script in a victim's Web browser.

      Successful exploitation of this vulnerability could allow remote attacker to steal the victim's cookie-based authentication credentials and launch other attacks.

      Note: The victim has to click a malicious link.

      8. Directory traversal vulnerability in IBM Eclipse Help System (IEHS)

      This vulnerability exists in IBM Eclipse Help System which could allow remote attacker to send specially crafted requests with directory-traversal sequences ('../') to read arbitrary files on the system.


      Solution
      Apply appropriate patches as mentioned in the IBM Security Bulletin
      http://www-01.ibm.com/support/docvie...id=swg21670753


      Vendor Information
      IBM
      http://www-01.ibm.com/support/docvie...id=swg21670753

      References

      XForce
      http://xforce.iss.net/xforce/xfdb/91980
      http://xforce.iss.net/xforce/xfdb/91979
      http://xforce.iss.net/xforce/xfdb/88056
      http://xforce.iss.net/xforce/xfdb/83613
      http://xforce.iss.net/xforce/xfdb/81060
      http://xforce.iss.net/xforce/xfdb/81102
      http://xforce.iss.net/xforce/xfdb/74833
      http://xforce.iss.net/xforce/xfdb/74832

      Secunia
      http://secunia.com/advisories/cve_re...CVE-2012-2159/
      http://secunia.com/advisories/cve_re...CVE-2012-2161/
      http://secunia.com/advisories/cve_re...CVE-2013-0464/
      http://secunia.com/advisories/cve_re...CVE-2013-0467/
      http://secunia.com/advisories/cve_re...CVE-2013-0599/
      http://secunia.com/advisories/cve_re...CVE-2013-5449/
      http://secunia.com/advisories/cve_re...CVE-2014-0917/
      http://secunia.com/advisories/cve_re...CVE-2014-0918/

      Security Focus
      http://www.securityfocus.com/bid/53884
      http://www.securityfocus.com/bid/60246
      http://www.securityfocus.com/bid/58000
      http://www.securityfocus.com/bid/60107
      http://www.securityfocus.com/bid/64058
      http://www.securityfocus.com/bid/67340
      http://www.securityfocus.com/bid/67339

      Comment


      • #4
        Denial of Service Vulnerability in IBM WebSphere

        Severity Rating: High

        Systems Affected
        • WebSphere Commerce versions 6.0 Feature Pack 2 – 5
        • WebSphere Commerce versions 7.0.0.0 – 7.0.0.7
        • WebSphere Commerce versions 7.0 Feature Pack 1 – 7

        Overview
        A vulnerability has been reported in IBM WebSphere Commerce Enterprise, Professional, Express, and Developer editions which could be exploited by an attacker to cause denial of service conditions.

        Description
        This vulnerability is caused due to improper handling of ‘id’ parameter values.
        An attacker could exploit this vulnerability by sending a specially crafted value of the ‘id’ parameter, hence causing disproportionate consumption of resources thereby causing the system to crash.

        Solution
        Install updated software as mentioned by the vendor:-
        http://www-01.ibm.com/support/docvie...id=swg21671377

        Vendor Information
        IBM
        http://www-01.ibm.com/support/docvie...id=swg21671377

        References
        Securelist
        http://www.securelist.com/en/advisories/58534

        Securitytracker
        http://www.securitytracker.com/id/1030284

        Comment

        Tag Cloud Tag Cloud Module
        Collapse
        Working...
        X