CVE-2010-2323

IBM WebSphere Application Server WAS 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the defaultcreate.log file that is associated with profile creation by the BBOWWPFx job and the zPMT...

IBM WebSphere应用服务器default_create.log信息泄露漏洞

BUGTRAQ ID: 40694 CVE ID: CVE-2010-2323 IBM Websphere应用服务器以Java和Servlet引擎为基础，支持多种HTTP服务，可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 在目标系统上使用zPMT和BBOWWPFx任务模板创建配置文件的时候，可能会向defaultcreate.log日志中写入敏感信息。 IBM Websphere Application Server 7.0.x 厂商补丁： IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Design/Logic Flaw

IBM WebSphere Application Server WAS 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the defaultcreate.log file that is associated with profile creation by the BBOWWPFx job and the zPMT...