CVE-2009-2743 - Unspecified vulnerability in IBM WebSphere Application Server
Attack vector | LOCAL |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | NONE |
Availability impact | NONE |
Summary
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure Data Capture (FFDC) log file.
Vulnerable Configurations
Nessus
NASL family | Web Servers |
NASL id | WEBSPHERE_6_1_0_27.NASL |
description | IBM WebSphere Application Server 6.1 before Fix Pack 27 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities:
- The Eclipse help system included with WebSphere Application Server is affected by a cross-site scripting vulnerability. (PK78917)
- It may be possible to bypass security restrictions using a specially crafted HTTP HEAD method. (PK83258)
- New applications deployed in WebSphere Application Server for z/OS prior to 1.8 are saved on the file system with insecure privileges, resulting in disclosure of sensitive information. (PK83308)
- If JAAS-J2C Authentication Data is configured using wsadmin scripts, the password value may appear in FFDC logs. (PK86137)
- Apache APR-util is affected by a denial of service issue. (PK88341)
- Due to an error in the expat XML parser, APR-util is affected by a denial of service issue. (PK88342)
- It may be possible to trigger a denial of service attack due to errors in Fix Packs 6.1.0.23 and 6.1.0.25. (PK91709) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 41057 |
published | 2009-09-23 |
reporter | This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/41057 |
title | IBM WebSphere Application Server < 6.1.0.27 Multiple Vulnerabilities |
Seebug
bulletinFamily | exploit |
description | Bugtraq ID: 36458; CVE ID: CVE-2009-2743. IBM WebSphere Application Server is a commercial web application server. IBM WebSphere Application Server allows local attackers to obtain sensitive information. After wsadmin scripts have been used and JAAS-J2C authentication data has been configured, an error exists when certain exceptions occur; by reading the FFDC log file, an attacker can obtain sensitive information.
Affected versions: IBM Websphere Application Server 6.1 25, 6.1 23, 6.1 22, 6.1 21, 6.1 20, 6.1 19, 6.1 18, 6.1 17, 6.1 15, 6.1 13, 6.1 12, 6.1 10, 6.1 .9, 6.1 .7, 6.1 .6, 6.1 .5, 6.1 .3, 6.1 .2, 6.1 .14, 6.1 .1, 6.1.
Vendor solution: users can contact the vendor to download and apply the latest Fix Pack (6.1.0.27 or later) or the APAR PK86137 fix: http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980 |
id | SSV:12361 |
last seen | 2017-11-19 |
modified | 2009-09-21 |
published | 2009-09-21 |
reporter | Root |
title | IBM WebSphere Application Server Local Information Disclosure Vulnerability |
References
- http://secunia.com/advisories/37796
- http://www.vupen.com/english/advisories/2009/2721
- http://www-01.ibm.com/support/docview.wss?uid=swg27007951
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463
- http://www-1.ibm.com/support/docview.wss?uid=swg1PK86137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53343