Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.WEBSPHERE_6_1_0_37.NASL
HistoryApr 18, 2011 - 12:00 a.m.

IBM WebSphere Application Server 6.1 < 6.1.0.37 Multiple Vulnerabilities

2011-04-1800:00:00
This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
www.tenable.com
11

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON

IBM WebSphere Application Server 6.1 before Fix Pack 37 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities :

  • It is possible to trigger a DoS condition via SAAJ API provided by the WebSphere Web services runtime.
    (PM19534)

  • An unspecified cross-site scripting vulnerability exists in the IVT application. (PM20393)

  • The AuthCache purge implementation is not able to purge a user in AuthCache. (PM24668)

  • A remote attacker can gain unspecified application access on z/OS, when a Local OS user registry or Federated Repository with RACF adapter is used. (PM35478)

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


if (description)
{
  script_id(53475);
  script_version("1.15");
  script_cvs_date("Date: 2018/11/15 20:50:26");

  script_cve_id(
    "CVE-2011-1308",
    "CVE-2011-1321",
    "CVE-2011-1322",
    "CVE-2011-1683"
  );
  script_bugtraq_id(46736, 47122);
  script_xref(name:"Secunia", value:"44031");

  script_name(english:"IBM WebSphere Application Server 6.1 < 6.1.0.37 Multiple Vulnerabilities");
  script_summary(english:"Reads the version number from the SOAP port");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote application server is affected by multiple vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"IBM WebSphere Application Server 6.1 before Fix Pack 37 appears to be
running on the remote host.  As such, it is potentially affected by
the following vulnerabilities :

  - It is possible to trigger a DoS condition via SAAJ
    API provided by the WebSphere Web services runtime.
    (PM19534)

  - An unspecified cross-site scripting vulnerability
    exists in the IVT application. (PM20393)

  - The AuthCache purge implementation is not able to
    purge a user in AuthCache. (PM24668)

  - A remote attacker can gain unspecified application access
    on z/OS, when a Local OS user registry or Federated
    Repository with RACF adapter is used. (PM35478)"
  );
  script_set_attribute(attribute:"see_also",value:"http://www-01.ibm.com/support/docview.wss?uid=swg21404665");
  script_set_attribute(attribute:"see_also",value:"http://www-01.ibm.com/support/docview.wss?uid=swg27009778");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21473989");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg1PM19534");
  script_set_attribute(attribute:"see_also", value:"https://www-01.ibm.com/support/docview.wss?uid=swg1PM24668");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg27007951#61037");
  script_set_attribute(attribute:"solution", value:
"If using WebSphere Application Server, apply Fix Pack 37 (6.1.0.37) or
later. 

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/04/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/18");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server");

  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");

  script_dependencies("websphere_detect.nasl");
  script_require_ports("Services/www", 8880, 8881);
  script_require_keys("www/WebSphere");

  exit(0);
}


include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:8880, embedded:FALSE);


version = get_kb_item("www/WebSphere/"+port+"/version");
if (isnull(version)) exit(1, "Failed to extract the version from the IBM WebSphere Application Server instance listening on port " + port + ".");
if (version =~ "^[0-9]+(\.[0-9]+)?$")
  exit(1, "Failed to extract a granular version from the IBM WebSphere Application Server instance listening on port " + port + ".");

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

if (ver[0] == 6 && ver[1] == 1 && ver[2] == 0 && ver[3] < 37)
{
  set_kb_item(name:'www/'+port+'/XSS', value:TRUE);

  if (report_verbosity > 0)
  {
    source = get_kb_item_or_exit("www/WebSphere/"+port+"/source");

    report =
      '\n  Source            : ' + source +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 6.1.0.37' +
      '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
  exit(0);
}
else exit(0, "The WebSphere Application Server "+version+" instance listening on port "+port+" is not affected.");
VendorProductVersionCPE
ibmwebsphere_application_servercpe:/a:ibm:websphere_application_server

Related

openvas 4
cvelist 5
nvd 5
cve 5
prion 5
nessus 2
openvas
openvas
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 (Mar 2011)
2011-03-22 00:00:00
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
2011-03-22 00:00:00
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities (Mar 2011)
2011-03-22 00:00:00
cvelist
cvelist
CVE-2011-1322
2022-10-03 16:15:11
CVE-2011-1683
2022-10-03 16:15:10
CVE-2011-1321
2022-10-03 16:15:08
nvd
nvd
CVE-2011-1322
2011-03-08 21:59:35
CVE-2011-1683
2011-04-13 14:55:01
CVE-2011-1321
2011-03-08 21:59:35
cve
cve
CVE-2011-1322
2022-10-03 16:15:11
CVE-2011-1683
2022-10-03 16:15:10
CVE-2011-1321
2022-10-03 16:15:08
prion
prion
Code injection
2011-03-08 21:59:00
Design/Logic Flaw
2011-04-13 14:55:00
Code injection
2011-03-08 21:59:00
nessus
nessus
IBM WebSphere Application Server 7.0 < Fix Pack 17 Multiple Vulnerabilities
2011-06-17 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 15 Multiple Vulnerabilities
2011-03-10 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for WEBSPHERE_6_1_0_37.NASL
openvas4cvelist5nvd5cve5prion5nessus2