2 matches found
IBM WebSphere应用服务器default_create.log信息泄露漏洞
BUGTRAQ ID: 40694 CVE ID: CVE-2010-2323 IBM Websphere应用服务器以Java和Servlet引擎为基础,支持多种HTTP服务,可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 在目标系统上使用zPMT和BBOWWPFx任务模板创建配置文件的时候,可能会向defaultcreate.log日志中写入敏感信息。 IBM Websphere Application Server 7.0.x 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2010-2323
CVE-2010-2323 affects IBM WebSphere Application Server (WAS) 7.0 on z/OS prior to 7.0.0.11. The issue could allow an attacker to obtain sensitive information by reading the default_create.log file written during profile creation by the BBOWWPFx job and the zPMT. The underlying cause is improper h...