Vigil@nce: WebSphere AS 7.0.0, several vulnerabilities
April 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of WebSphere AS can be used to attack the
service.
Severity: 2/4
Consequences: client access/rights, data creation/edition
Provenance: internet client
Means of attack: 2 attacks
Ability of attacker: beginner (1/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 7
Creation date: 26/03/2009
Revision date: 27/03/2009
IMPACTED PRODUCTS
– IBM WebSphere Application Server
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in WebSphere Application
Server.
A vulnerability impacts SOAPAction. [grav:2/4; PK72138]
An attacker can access to sessions of the administrative console.
[grav:2/4; CVE-2009-0892, PK74966]
The AX-RPC WS-Sexcurity runtime does not correctly validate a
usernametoken. [grav:2/4; CVE-2009-1172, PK75992]
An attacker can create a Cross Site Scripting in application
examples provided with WebSphere (PlantsByWebSphere, JAX-WS Web
Services MTOM, JAX-WS Web Services Ping and Echo, Dynamic Query -
Employee Finder, Dynamic Query - EJB Data Mediator Service,
Application Profile - Account Management, Scheduler Account
Report). [grav:1/4; DEFECT 566807, DSECRG-09-013, PK76720]
An attacker can create a Cross Site Scripting in the Integrated
Solutions Console. [grav:2/4; BID-34259, DEFECT 566807,
DSECRG-09-013, PK77505]
Some files are created with 777 (world writable) permissions
instead of 755. [grav:2/4; BID-34259, CVE-2009-1173, PK77590]
A vulnerability impacts the XML signature. [grav:2/4;
CVE-2009-1174, PK80596]
CHARACTERISTICS
Identifiers: BID-34259, CVE-2009-0892, CVE-2009-1172,
CVE-2009-1173, CVE-2009-1174, DEFECT 566807, DSECRG-09-013,
PK72138, PK74966, PK75992, PK76720, PK77505, PK77590, PK80596,
swg27014463, VIGILANCE-VUL-8567
http://vigilance.fr/vulnerability/WebSphere-AS-7-0-0-several-vulnerabilities-8567