WebSphere Application Server < 6.0.2.25 Multiple Vulnerabilities

2008-01-22T00:00:00
ID 4355.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The remote server is a WebSphere application server. This version is reported to be vulnerable to a number of flaws. First, there is a reported flaw in the way that the administrative console monitors role users. Second, there is a buffer overflow in the default messaging component. Third, there is an unspecified flaw in the Java Transaction service. Fourth, there is an information disclosure flaw in the 'http_plugin.log' file. Fifth, there is an information disclosure flaw in the 'PropFilePasswordEncoder' utility. The details of these flaws are currently unknown; however, the vendor has released a patch to address these issues.

                                        
                                            Binary data 4355.prm