Vulnerabilities > CVE-2012-3330 - Denial Of Service vulnerability in IBM WebSphere Application Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request.
Vulnerable Configurations
Nessus
NASL family Web Servers NASL id WEBSPHERE_8_0_0_5.NASL description IBM WebSphere Application Server 8.0 before Fix Pack 5 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists related to the Administrative Console that can allow an attacker to hijack sessions. (CVE-2012-3304, PM54356) - An unspecified directory traversal error exists that can allow remote attackers to overwrite files outside the application last seen 2020-06-01 modified 2020-06-02 plugin id 64380 published 2013-01-31 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64380 title IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(64380); script_version("1.6"); script_cvs_date("Date: 2018/08/06 14:03:16"); script_cve_id( "CVE-2012-3304", "CVE-2012-3305", "CVE-2012-3306", "CVE-2012-3311", "CVE-2012-3325", "CVE-2012-3330" ); script_bugtraq_id(55309, 55671, 55678, 56459); script_name(english:"IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities"); script_summary(english:"Reads the version number from the SOAP port"); script_set_attribute( attribute:"synopsis", value: "The remote application server may be affected by multiple vulnerabilities." ); script_set_attribute( attribute:"description", value: "IBM WebSphere Application Server 8.0 before Fix Pack 5 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists related to the Administrative Console that can allow an attacker to hijack sessions. (CVE-2012-3304, PM54356) - An unspecified directory traversal error exists that can allow remote attackers to overwrite files outside the application's deployment directory. (CVE-2012-3305, PM62467) - When multi-domain support is enabled, the application does not properly purge passwords from the authentication cache. (CVE-2012-3306, PM66514) - An error exists related to Federated Repositories for IIOP connections, Optimized Local Adapters and CBIND checking that can allow a local attacker to access or modify arbitrary files. Note this issue only affects the application when hosted on z/OS. (CVE-2012-3311, PM61388) - The fix contained in PM44303 contains an error that can allow an authenticated attacker to bypass security restrictions and gain administrative access to the application. (CVE-2012-3325, PM71296) - A request validation error exists related to the proxy server component that could allow a remote attacker to cause the proxy status to be reported as disabled, thus denying applications access to the proxy. (CVE-2012-3330, PM71319)" ); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg24033754"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg27022958#8005"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21615074"); script_set_attribute(attribute:"solution", value:"Apply Fix Pack 5 for version 8.0 (8.0.0.5) or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/29"); script_set_attribute(attribute:"patch_publication_date", value:"2012/11/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/31"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_dependencies("websphere_detect.nasl"); script_require_ports("Services/www", 8880, 8881); script_require_keys("www/WebSphere"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:8880, embedded:0); version = get_kb_item_or_exit("www/WebSphere/"+port+"/version"); if (version =~ "^[0-9]+(\.[0-9]+)?$") exit(1, "Failed to extract a granular version from the IBM WebSphere Application Server " + version + " instance listening on port " + port + "."); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if (ver[0] == 8 && ver[1] == 0 && ver[2] == 0 && ver[3] < 5) { if (report_verbosity > 0) { source = get_kb_item_or_exit("www/WebSphere/"+port+"/source"); report = '\n Version source : ' + source + '\n Installed version : ' + version + '\n Fixed version : 8.0.0.5' + '\n'; security_warning(port:port, extra:report); } else security_warning(port); exit(0); } else audit(AUDIT_LISTEN_NOT_VULN, "WebSphere", port, version);NASL family Web Servers NASL id WEBSPHERE_8_5_0_1.NASL description IBM WebSphere Application Server 8.5 before Fix Pack 1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists related to the last seen 2020-06-01 modified 2020-06-02 plugin id 62975 published 2012-11-20 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62975 title IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities NASL family Web Servers NASL id WEBSPHERE_7_0_0_27.NASL description IBM WebSphere Application Server 7.0 before Fix Pack 27 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - A request validation error exists related to the proxy server component that could allow a remote attacker to cause the proxy status to be reported as disabled, thus denying applications access to the proxy. (CVE-2012-3330, PM71319) - A user-supplied input validation error exists that could allow cross-site request forgery (CSRF) attacks to be carried out. (CVE-2012-4853, PM62920) - Unspecified errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458, CVE-2013-0459, CVE-2013-0460, PM71139, PM72536, PM72275) - An unspecified error exists related to the administration console for last seen 2020-06-01 modified 2020-06-02 plugin id 64097 published 2013-01-25 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/64097 title IBM WebSphere Application Server 7.0 < Fix Pack 27 Multiple Vulnerabilities