Multiple vulnerabilities have been identified in IBM WebSphere Application Server, which could be exploited by attackers to cause a denial of service or gain knowledge of sensitive information, and by malicious users to bypass security restrictions.
The first issue is caused by an unspecified security exposure when the "fileServing" feature is enabled. For additional information, see VUPEN/ADV-2008-2566.
The second vulnerability is caused by an error in the HTTP Transport component when processing an overly long Host header, which could lead to an 0C4 abend in the WebSphere controller.
The third issue is caused by the Web Services component not honoring certificate revocation lists in cert store collections.
The fourth weakness is caused by the Installation Factory installation process storing sensitive information in the "logs/instconfigifwas6.log" file when WAS is registered as a Windows service, which could allow local users to obtain that information.