5 matches found
EUVD-2010-2336
Malware in sbrugna...
IBM WebSphere应用服务器addNode.log信息泄露漏洞
BUGTRAQ ID: 40699 CVE ID: CVE-2010-2326 IBM Websphere应用服务器以Java和Servlet引擎为基础,支持多种HTTP服务,可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 如果在节点联合期间使用了addNode -trace选项的话,本地用户就可以通过读取addNode.log日志文件获取有关CIMMetadataCollectorImpl追踪操作的敏感信息。 IBM Websphere Application Server 7.0.x 厂商补丁: IBM ---...
CVE-2006-2430
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges...
Design/Logic Flaw
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges...
CVE-2006-2430
CVE-2006-2430 affects IBM WebSphere Application Server: versions 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7. The vulnerability arises because user credentials are recorded in plaintext in addNode.log, which can allow attackers to gain privileges. Supported connected documents c...