5 matches found
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Enterprise Service Bus shipped with WebSphere Remote Server (CVE-2014-4746)
Summary IBM WebSphere Enterprise Service Bus is shipped as a component of WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Enterprise Service Bus has been published in a security bulletin. Vulnerability Details For vulnerability details, see the security...
Security Bulletin: varying error codes allows detection of existing systems behind firewall
Summary A security vulnerability related to content handler URLs makes it possible to check if a system exists for example, behind a firewall. A different error code is returned for a systems that exist but are not accessible via the proxy functionality versus b systems that do not exist. Affecte...
IBM WebSphere Portal Error Codes Information Disclosure (PI21858)
The version of IBM WebSphere Portal on the remote host is affected by an information disclosure vulnerability by returning error codes. A remote attacker can exploit this issue to identify devices behind a firewall. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2014-4746
CVE-2014-4746 affects IBM WebSphere Portal: 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01. The issue arises from returning different error codes for firewall-traversal requests based on whether the intranet host exists, enabling remote attackers to map the intranet network via a series of requ...
CVE-2014-4746
IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote attackers to map the intranet network via a series of requests...