RootSSV:20439

HistoryApr 02, 2011 - 12:00 a.m.

IBM WebSphere Application Server未验证访问漏洞

2011-04-0200:00:00

Root

www.seebug.org

0.041 Low

EPSS

Percentile

91.2%

JSON

CVE ID: CVE-2010-4476

IBM WebSphere Application Server (WAS)是由IBM遵照开放标准，例如Java EE, XML 还有Web Services，开发并发行的一种应用服务器。与其兼容的Web服务器包括：Apache HTTP Server，Netscape Enterprise Server，Microsoft Internet Information Services (IIS)以及IBM HTTP Server。

运行z/OS的IBM WAS在实现上存在安全漏洞，未授权用户可利用此漏洞访问WebSphere应用程序。

在WebSphere用Local OS用户注册表配置或用RACF适配器配置Federated Repository时会出现此问题。Local OS用户注册表和使用RACF适配器的Federated Repository使用SAF实现，意味着RACF使用和相对产品的使用都受到影响。

IBM Websphere Application Server
厂商补丁：

IBM

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://www.ers.ibm.com/

openvas 61

redhat 14

veracode 1

nessus 54

jvn 4

checkpoint_security 1

prion 1

oraclelinux 4

osv 1

f5 2

cisa 1

ibm 1

centos 2

debian 2

ubuntucve 1

cve 1

github 1

securityvulns 4

fedora 8

ubuntu 3

suse 4

vmware 2

oracle 1

gentoo 2

openvas

RedHat Update for tomcat5 RHSA-2011:0336-01

2011-03-15 00:00:00

CentOS Update for tomcat5 CESA-2011:0336 centos5 i386

2011-08-09 00:00:00

RedHat Update for tomcat5 RHSA-2011:0336-01

2011-03-15 00:00:00

redhat

(RHSA-2011:0299) Moderate: java-1.4.2-ibm-sap security update

2011-02-23 00:00:00

(RHSA-2011:0336) Important: tomcat5 security update

2011-03-09 00:00:00

(RHSA-2011:0212) Important: jbossweb security update

2011-02-10 14:41:03

veracode

Denial Of Service (DoS)

2020-04-10 00:53:32

nessus

Debian DSA-2161-1 : openjdk-6 - denial of service

2011-02-15 00:00:00

RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2011:0290)

2011-02-23 00:00:00

RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2011:0214)

2011-02-11 00:00:00

jvn

JVN#97334690: IBM Lotus vulnerable to denial-of-service (DoS)

2011-03-04 00:00:00

JVN#16308183: IBM DB2 vulnerable to denial-of-service (DoS)

2011-03-04 00:00:00

JVN#26301278: IBM WebSphere Application Server vulnerable to denial-of-service (DoS)

2011-03-04 00:00:00

checkpoint_security

Check Point's response to Oracle Java Floating-Point Value Denial of Service Vulnerability (CVE-2010-4476)

2011-02-14 22:00:00

prion

Design/Logic Flaw

2011-02-17 19:00:00

oraclelinux

java-1.6.0-openjdk security update

2011-02-11 00:00:00

tomcat5 security update

2011-03-09 00:00:00

tomcat6 security and bug fix update

2011-03-09 00:00:00

osv

Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment

2022-05-14 02:16:07

K12826 : Java Runtime Environment (JRE) vulnerability: CVE-2010-4476

2013-09-11 00:00:00

SOL12826 - Java Runtime Environment (JRE) vulnerability: CVE-2010-4476

2011-05-09 00:00:00

cisa

Oracle Releases Security Alert for Java Runtime Environment

2011-02-10 00:00:00

ibm

Security Bulletin: Denial of Service Security Exposure with Java causes JRE/JDK hang (CVE-2010-4476)

2020-09-10 15:43:59

centos

tomcat5 security update

2011-04-14 14:58:50

java security update

2011-04-14 14:31:40

debian

[SECURITY] [DSA 2161-1] OpenJDK security update

2011-02-13 20:27:08

[SECURITY] [DSA 2161-2] OpenJDK security update

2011-02-14 20:05:54

ubuntucve

CVE-2010-4476

2011-02-17 00:00:00

cve

CVE-2010-4476

2011-02-17 19:00:00

github

Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment

2022-05-14 02:16:07

securityvulns

[security bulletin] HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)

2011-04-14 00:00:00

HP Network Node Manager i information leakage

2011-10-31 00:00:00

Oracle Java multiple security vulnerabilities / OpenJDK

2011-02-17 00:00:00

fedora

[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-50.1.8.6.fc13

2011-02-13 08:49:15

[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-52.1.9.6.fc14

2011-02-13 08:50:21

[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-52.1.9.7.fc14

2011-02-16 19:20:33

ubuntu

OpenJDK 6 vulnerabilities

2011-03-17 00:00:00

OpenJDK 6 vulnerabilities

2011-03-15 00:00:00

OpenJDK 6 vulnerabilities

2011-03-01 00:00:00

suse

remote code execution in java-1_4_2-ibm

2011-05-13 13:10:27

Security update for IBM Java 1.4.2 (important)

2011-07-22 05:08:11

remote code execution in java-1_6_0-ibm,java-1_5_0-ibm,java-1_4_2-ibm

2011-03-22 13:32:34

vmware

VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

2011-10-27 00:00:00

VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

2011-10-27 00:00:00

oracle

cpuapr2011

2011-04-19 00:00:00

gentoo

Oracle JRE/JDK: Multiple vulnerabilities

2011-11-05 00:00:00

IcedTea JDK: Multiple vulnerabilities

2014-06-29 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

IBM WebSphere Application Server未验证访问漏洞

IBM

Related