WebSphere PerfServlet 导致敏感信息泄露

No description provided by source...

IBM WebSphere Application Server < 6.0.2.33 Multiple Vulnerabilities

IBM WebSphere Application Server 6.0.2 before Fix Pack 33 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Provided an attacker has valid credentials, it may be possible to hijack an authenticated session. PK66676 - The PerfServlet code...

IBM WebSphere Application Server &quot;PerfServlet&quot;信息泄漏漏洞

BUGTRAQ ID: CVE ID：CVE-2008-5413 CNCVE ID：CNCVE-20085413 IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。 IBM WebSphere Application Server "PerfServlet"参数处理存在问题，远程攻击者可以利用漏洞获得敏感信息。 目前没有详细解决方案提供。 IBM WebSphere Application Server 6.0.x 可参考如下安全公告获得补丁信息：...

IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws

IBM WebSphere Application Server 6.1 before Fix Pack 21 appears to be running on the remote host. As such, it is reportedly affected by multiple flaws : - Provided Performance Monitoring Infrastructure PMI is enabled, it may be possible for a local attacker to obtain sensitive information through...

CVE-2009-0434

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure PMI is enabled, allows local users to obtain sensitive information by reading the 1...

Design/Logic Flaw

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure PMI is enabled, allows local users to obtain sensitive information by reading the 1...

CVE-2009-0434

PerfServlet in IBM WebSphere Application Server (WAS) PMI/Performance Tools is affected: when PMI is enabled, a local attacker can read systemout.log and ffdc files to obtain sensitive information. Affected versions include WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0....

CVE-2009-0434

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure PMI is enabled, allows local users to obtain sensitive information by reading the 1...

CVE-2008-5413

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the 1 systemout.log and 2 ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434...

Information disclosure

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the 1 systemout.log and 2 ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434...

CVE-2008-5413

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the 1 systemout.log and 2 ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434...

IBM WebSphere Application Server 7.0 < Fix Pack 1

IBM WebSphere Application Server 7.0 before Fix Pack 1 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities. - The PerfServlet code writes sensitive information in the 'systemout.log' and ffdc files, provided Performance Monitoring Infrastructur...