Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security

SYNTHESIS OF THE VULNERABILITY

Several vulnerabilities of WebSphere AS can be used to attack the service.

Severity: 2/4

Consequences: client access/rights, data creation/edition

Provenance: internet client

Means of attack: 2 attacks

Ability of attacker: beginner (1/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Number of vulnerabilities in this bulletin: 7

Creation date: 26/03/2009

Revision date: 27/03/2009

IMPACTED PRODUCTS
 IBM WebSphere Application Server

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in WebSphere Application Server.

A vulnerability impacts SOAPAction. [grav:2/4; PK72138]

An attacker can access to sessions of the administrative console. [grav:2/4; CVE-2009-0892, PK74966]

The AX-RPC WS-Sexcurity runtime does not correctly validate a usernametoken. [grav:2/4; CVE-2009-1172, PK75992]

An attacker can create a Cross Site Scripting in application examples provided with WebSphere (PlantsByWebSphere, JAX-WS Web Services MTOM, JAX-WS Web Services Ping and Echo, Dynamic Query - Employee Finder, Dynamic Query - EJB Data Mediator Service, Application Profile - Account Management, Scheduler Account Report). [grav:1/4; DEFECT 566807, DSECRG-09-013, PK76720]

An attacker can create a Cross Site Scripting in the Integrated Solutions Console. [grav:2/4; BID-34259, DEFECT 566807, DSECRG-09-013, PK77505]

Some files are created with 777 (world writable) permissions instead of 755. [grav:2/4; BID-34259, CVE-2009-1173, PK77590]

A vulnerability impacts the XML signature. [grav:2/4; CVE-2009-1174, PK80596]

CHARACTERISTICS

Identifiers: BID-34259, CVE-2009-0892, CVE-2009-1172, CVE-2009-1173, CVE-2009-1174, DEFECT 566807, DSECRG-09-013, PK72138, PK74966, PK75992, PK76720, PK77505, PK77590, PK80596, swg27014463, VIGILANCE-VUL-8567 http://vigilance.fr/vulnerability/WebSphere-AS-7-0-0-several-vulnerabilities-8567