Vulnerabilities > CVE-2013-0482 - Unspecified vulnerability in IBM products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ibm
nessus
Summary
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 through 8.5.0.2 and WebSphere Message Broker 6.1, 7.0 through 7.0.0.5, and 8.0 through 8.0.0.2, when WS-Security is used, allows remote attackers to spoof the signatures of messages via a crafted SOAP message, related to a "Signature Wrap attack," a different vulnerability than CVE-2011-1377 and CVE-2013-0489.
Vulnerable Configurations
Nessus
NASL family Web Servers NASL id WEBSPHERE_7_0_0_29.NASL description IBM WebSphere Application Server 7.0 before Fix Pack 29 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211) - The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582) - A denial of service vulnerability exists, caused by a buffer overflow on localOS registry when using WebSphere Identity Manager (WIM). (CVE-2013-0541, PM74909) - An unspecified cross-site scripting vulnerability exists related to the administrative console. (CVE-2013-0542, CVE-2013-2967, PM78614, PM81846) - A validation flaw exists relating to last seen 2020-06-01 modified 2020-06-02 plugin id 68982 published 2013-07-19 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68982 title IBM WebSphere Application Server 7.0 < Fix Pack 29 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(68982); script_version("1.9"); script_cvs_date("Date: 2019/11/27"); script_cve_id( "CVE-2013-0169", "CVE-2013-0482", "CVE-2013-0541", "CVE-2013-0542", "CVE-2013-0543", "CVE-2013-0544", "CVE-2013-0597", "CVE-2013-1768", "CVE-2013-2967", "CVE-2013-2976", "CVE-2013-3029" ); script_bugtraq_id( 57778, 59247, 59248, 59250, 59251, 59650, 60534, 60724 ); script_name(english:"IBM WebSphere Application Server 7.0 < Fix Pack 29 Multiple Vulnerabilities"); script_summary(english:"Reads the version number from the SOAP port"); script_set_attribute(attribute:"synopsis", value: "The remote application server is potentially affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "IBM WebSphere Application Server 7.0 before Fix Pack 29 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211) - The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582) - A denial of service vulnerability exists, caused by a buffer overflow on localOS registry when using WebSphere Identity Manager (WIM). (CVE-2013-0541, PM74909) - An unspecified cross-site scripting vulnerability exists related to the administrative console. (CVE-2013-0542, CVE-2013-2967, PM78614, PM81846) - A validation flaw exists relating to 'Local OS registries' that may allow a remote attacker to bypass security. (CVE-2013-0543, PM75582) - A directory traversal vulnerability exists in the administrative console via the 'PARAMETER' parameter. (CVE-2013-0544, PM82468) - A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else's credentials. (CVE-2013-0597, PM85834, PM87131) - A flaw exists relating to OpenJPA that is triggered during deserialization that may allow a remote attacker to write to the file system and potentially execute arbitrary code. (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791) - An information disclosure issue exists relating to incorrect caching by the administrative console. (CVE-2013-2976, PM79992) - A user-supplied input validation error exists that could allow cross-site request (CSRF) attacks to be carried out. (CVE-2013-3029, PM88746)"); # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_vulnerabilities_fixed_in_ibm_websphere_application_server_7_0_0_29?lang=en_us script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0379569f"); script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21640799"); script_set_attribute(attribute:"solution", value: "If using WebSphere Application Server, apply Fix Pack 29 (7.0.0.29) or later. Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-1768"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/04"); script_set_attribute(attribute:"patch_publication_date", value:"2013/06/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/19"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_detect.nasl"); script_require_keys("www/WebSphere"); script_require_ports("Services/www", 8880, 8881); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:8880, embedded:0); version = get_kb_item_or_exit("www/WebSphere/"+port+"/version"); if (version =~ "^[0-9]+(\.[0-9]+)?$") exit(1, "Failed to extract a granular version from the IBM WebSphere Application Server " + version + " instance listening on port " + port + "."); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if (ver[0] == 7 && ver[1] == 0 && ver[2] == 0 && ver[3] < 29) { set_kb_item(name:'www/'+port+'/XSS', value:TRUE); set_kb_item(name:'www/'+port+'/XSRF', value:TRUE); if (report_verbosity > 0) { source = get_kb_item_or_exit("www/WebSphere/"+port+"/source"); report = '\n Version source : ' + source + '\n Installed version : ' + version + '\n Fixed version : 7.0.0.29' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else audit(AUDIT_LISTEN_NOT_VULN, "WebSphere", port, version);
NASL family Web Servers NASL id WEBSPHERE_8_5_5.NASL description IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211) - The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582) - A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else last seen 2020-06-01 modified 2020-06-02 plugin id 69021 published 2013-07-23 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69021 title IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(69021); script_version("1.8"); script_cvs_date("Date: 2019/11/27"); script_cve_id( "CVE-2013-0169", "CVE-2013-0482", "CVE-2013-0597", "CVE-2013-1768", "CVE-2013-2967", "CVE-2013-2975", "CVE-2013-2976", "CVE-2013-3024" ); script_bugtraq_id( 57778, 59650, 60534, 60724 ); script_name(english:"IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities"); script_summary(english:"Reads the version number from the SOAP port"); script_set_attribute(attribute:"synopsis", value: "The remote application server may be affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211) - The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582) - A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else's credentials. (CVE-2013-0597, PM85834, PM87131) - A flaw exists relating to OpenJPA that is triggered during deserialization, which could allow a remote attacker to write to the file system and potentially execute arbitrary code. (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791) - An unspecified cross-site scripting vulnerability exists related to the administrative console. (CVE-2013-2967, PM78614) - An unspecified vulnerability exists. (CVE-2013-2975) - An information disclosure vulnerability exists relating to incorrect caching by the administrative console. (CVE-2013-2976, PM79992) - An improper process initialization flaw exists on UNIX platforms that could allow a local attacker to execute arbitrary commands. (CVE-2013-3024, PM86245)"); script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?&uid=swg21639553"); # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_vulnerabilities_fixed_in_ibm_websphere_application_server_8_5_5?lang=en_us script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?aa3b02e5"); script_set_attribute(attribute:"solution", value: "Apply Fix Pack 8.5.5 for version 8.5 (8.5.5.0) or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-1768"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/04"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/23"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_detect.nasl"); script_require_keys("www/WebSphere"); script_require_ports("Services/www", 8880, 8881); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:8880, embedded:0); version = get_kb_item_or_exit("www/WebSphere/"+port+"/version"); source = get_kb_item_or_exit("www/WebSphere/"+port+"/source"); if (version !~ "^8\.5([^0-9]|$)") exit(0, "The version of the IBM WebSphere Application Server instance listening on port "+port+" is "+version+", not 8.5."); if (version =~ "^[0-9]+(\.[0-9]+)?$") exit(1, "Failed to extract a granular version from the IBM WebSphere Application Server instance listening on port " + port + "."); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if (ver[0] == 8 && ver[1] == 5 && ver[2] < 5) { set_kb_item(name:'www/'+port+'/XSS', value:TRUE); if (report_verbosity > 0) { report = '\n Version source : ' + source + '\n Installed version : ' + version + '\n Fixed version : 8.5.5' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else audit(AUDIT_LISTEN_NOT_VULN, "WebSphere", port, version);
NASL family Web Servers NASL id WEBSPHERE_8_5_0_2.NASL description IBM WebSphere Application Server 8.5 before Fix Pack 2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The included Java SDK contains several errors that affect the application directly. (CVE-2013-0169, CVE-2013-0440, CVE-2013-0443) - Input validation errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458 / PM71139, CVE-2013-0461 / PM71389, CVE-2013-0542 / PM81846, CVE-2013-0565 / PM83402) - An input validation error exists related to the administration console that could allow cross-site scripting attacks. Note that this issue affects only the application when running on z/OS operating systems. (CVE-2013-0459 / PM72536) - An unspecified error could allow security bypass for authenticated users. (CVE-2013-0462 / PM76886 or PM79937) - An error exists related to last seen 2020-06-01 modified 2020-06-02 plugin id 66375 published 2013-05-10 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66375 title IBM WebSphere Application Server 8.5 < Fix Pack 2 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(66375); script_version("1.10"); script_cvs_date("Date: 2019/11/27"); script_cve_id( "CVE-2013-0169", "CVE-2013-0440", "CVE-2013-0443", "CVE-2013-0458", "CVE-2013-0459", "CVE-2013-0461", "CVE-2013-0462", "CVE-2013-0482", "CVE-2013-0540", "CVE-2013-0541", "CVE-2013-0542", "CVE-2013-0543", "CVE-2013-0544", "CVE-2013-0565" ); script_bugtraq_id( 57508, 57509, 57512, 57513, 57702, 57712, 57778, 59246, 59247, 59248, 59250, 59251, 59252, 59650 ); script_name(english:"IBM WebSphere Application Server 8.5 < Fix Pack 2 Multiple Vulnerabilities"); script_summary(english:"Reads the version number from the SOAP port"); script_set_attribute(attribute:"synopsis", value: "The remote application server may be affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "IBM WebSphere Application Server 8.5 before Fix Pack 2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The included Java SDK contains several errors that affect the application directly. (CVE-2013-0169, CVE-2013-0440, CVE-2013-0443) - Input validation errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458 / PM71139, CVE-2013-0461 / PM71389, CVE-2013-0542 / PM81846, CVE-2013-0565 / PM83402) - An input validation error exists related to the administration console that could allow cross-site scripting attacks. Note that this issue affects only the application when running on z/OS operating systems. (CVE-2013-0459 / PM72536) - An unspecified error could allow security bypass for authenticated users. (CVE-2013-0462 / PM76886 or PM79937) - An error exists related to 'WS-Security' and SOAP message handling that could allow an attacker to spoof message signatures. (CVE-2013-0482 / PM76582) - An error exists related to authentication cookies that could allow remote attackers to gain access to restricted resources. Note this only affects the application when running the 'Liberty Profile'. (CVE-2013-0540 / PM81056) - A buffer overflow error exists related to 'WebSphere Identity Manger (WIM)' that could allow denial of service attacks. (CVE-2013-0541 / PM74909) - An unspecified error could allow security bypass, thus allowing remote attackers access to restricted resources on HP, Linux and Solaris hosts. (CVE-2013-0543 / PM75582) - An unspecified error related to the administration console could allow directory traversal attacks on Unix and Linux hosts. (CVE-2013-0544 / PM82468)"); script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?&uid=swg21632423"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21627634"); # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_security_vulnerabilites_fixed_in_ibm_websphere_application_server_8_5_0_2?lang=en_us script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?889b42fc"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg24034672"); script_set_attribute(attribute:"solution", value: "Apply Fix Pack 2 for version 8.5 (8.5.0.2) or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-0462"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"vuln_publication_date", value:"2013/01/21"); script_set_attribute(attribute:"patch_publication_date", value:"2013/04/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/10"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_detect.nasl"); script_require_keys("www/WebSphere"); script_require_ports("Services/www", 8880, 8881); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:8880, embedded:0); version = get_kb_item_or_exit("www/WebSphere/"+port+"/version"); source = get_kb_item_or_exit("www/WebSphere/"+port+"/source"); if (version !~ "^8\.5([^0-9]|$)") exit(0, "The version of the IBM WebSphere Application Server instance listening on port "+port+" is "+version+", not 8.5."); if (version =~ "^[0-9]+(\.[0-9]+)?$") exit(1, "Failed to extract a granular version from the IBM WebSphere Application Server instance listening on port " + port + "."); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if (ver[0] == 8 && ver[1] == 5 && ver[2] == 0 && ver[3] < 2) { set_kb_item(name:'www/'+port+'/XSS', value:TRUE); if (report_verbosity > 0) { report = '\n Version source : ' + source + '\n Installed version : ' + version + '\n Fixed version : 8.5.0.2' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else audit(AUDIT_LISTEN_NOT_VULN, "WebSphere", port, version);
NASL family Web Servers NASL id WEBSPHERE_8_0_0_6.NASL description IBM WebSphere Application Server 8.0 before Fix Pack 6 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists that could allow cross-site request forgery (CSRF) attacks. (CVE-2012-4853 / PM62920) - The included Java SDK contains several errors that affect the application directly. (CVE-2013-0169, CVE-2013-0440, CVE-2013-0443) - Input validation errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458 / PM71139, CVE-2013-0461 / PM71389, CVE-2013-0542 / PM81846) - An input validation error exists related to the administration console that could allow cross-site scripting attacks. Note that this issue affects only the application when running on z/OS operating systems. (CVE-2013-0459 / PM72536) - An unspecified error could allow security bypass for authenticated users. (CVE-2013-0462 / PM76886 or PM79937) - An error exists related to last seen 2020-06-01 modified 2020-06-02 plugin id 66374 published 2013-05-10 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66374 title IBM WebSphere Application Server 8.0 < Fix Pack 6 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(66374); script_version("1.14"); script_cvs_date("Date: 2019/11/27"); script_cve_id( "CVE-2012-4853", "CVE-2013-0169", "CVE-2013-0440", "CVE-2013-0443", "CVE-2013-0458", "CVE-2013-0459", "CVE-2013-0461", "CVE-2013-0462", "CVE-2013-0482", "CVE-2013-0541", "CVE-2013-0542", "CVE-2013-0543", "CVE-2013-0544" ); script_bugtraq_id( 56458, 57508, 57509, 57512, 57513, 57702, 57712, 57778, 59246, 59247, 59248, 59250, 59251, 59252, 59650 ); script_name(english:"IBM WebSphere Application Server 8.0 < Fix Pack 6 Multiple Vulnerabilities"); script_summary(english:"Reads the version number from the SOAP port"); script_set_attribute(attribute:"synopsis", value: "The remote application server may be affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "IBM WebSphere Application Server 8.0 before Fix Pack 6 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists that could allow cross-site request forgery (CSRF) attacks. (CVE-2012-4853 / PM62920) - The included Java SDK contains several errors that affect the application directly. (CVE-2013-0169, CVE-2013-0440, CVE-2013-0443) - Input validation errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458 / PM71139, CVE-2013-0461 / PM71389, CVE-2013-0542 / PM81846) - An input validation error exists related to the administration console that could allow cross-site scripting attacks. Note that this issue affects only the application when running on z/OS operating systems. (CVE-2013-0459 / PM72536) - An unspecified error could allow security bypass for authenticated users. (CVE-2013-0462 / PM76886 or PM79937) - An error exists related to 'WS-Security' and SOAP message handling that could allow an attacker to spoof message signatures. (CVE-2013-0482 / PM76582) - A buffer overflow error exists related to 'WebSphere Identity Manger (WIM)' that could allow denial of service attacks. (CVE-2013-0541 / PM74909) - An unspecified error could allow security bypass, thus allowing remote attackers access to restricted resources on HP, Linux and Solaris hosts. (CVE-2013-0543 / PM75582) - An unspecified error related to the administration console could allow directory traversal attacks on Unix and Linux hosts. (CVE-2013-0544 / PM82468)"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21634646"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21627634"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg24034673"); script_set_attribute(attribute:"solution", value: "Apply Fix Pack 6 for version 8.0 (8.0.0.6) or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-0462"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"vuln_publication_date", value:"2013/01/21"); script_set_attribute(attribute:"patch_publication_date", value:"2013/04/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/10"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_detect.nasl"); script_require_keys("www/WebSphere"); script_require_ports("Services/www", 8880, 8881); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:8880, embedded:0); version = get_kb_item_or_exit("www/WebSphere/"+port+"/version"); if (version =~ "^[0-9]+(\.[0-9]+)?$") exit(1, "Failed to extract a granular version from the IBM WebSphere Application Server " + version + " instance listening on port " + port + "."); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if (ver[0] == 8 && ver[1] == 0 && ver[2] == 0 && ver[3] < 6) { set_kb_item(name:"www/"+port+"/XSS", value:TRUE); set_kb_item(name:"www/"+port+"/XSRF", value:TRUE); if (report_verbosity > 0) { source = get_kb_item_or_exit("www/WebSphere/"+port+"/source"); report = '\n Version source : ' + source + '\n Installed version : ' + version + '\n Fixed version : 8.0.0.6' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else audit(AUDIT_LISTEN_NOT_VULN, "WebSphere", port, version);
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC88185
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC88185
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM76582
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM76582
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM86026
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM86026
- http://www-01.ibm.com/support/docview.wss?uid=swg21634646
- http://www-01.ibm.com/support/docview.wss?uid=swg21634646
- http://www-01.ibm.com/support/docview.wss?uid=swg21635474
- http://www-01.ibm.com/support/docview.wss?uid=swg21635474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81548
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81548