Vigil@nce: WebSphere AS 7.0, seven vulnerabilities
October 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of WebSphere
Application Server.
– Impacted products: WebSphere AS
– Severity: 2/4
– Creation date: 24/09/2012
– Revision date: 25/09/2012
DESCRIPTION OF THE VULNERABILITY
Seven vulnerabilities were announced in WebSphere Application
Server.
An attacker can use a Cross Frame Scripting on the administrative
console. [severity:2/4; BID-54819, BID-55149, CVE-2012-3293,
PM60839]
When a malicious application is deplayed, script/executable files
located outside the directory are overwritten. [severity:2/4;
BID-55678, CVE-2012-3305, PM62467]
When PM44303 is installed on IBM WebSphere Application Server, a
local attacker can access to administration features
(VIGILANCE-VUL-11907 (https://vigilance.fr/tree/1/11907)).
[severity:2/4; BID-55309, CERTA-2012-AVI-475, CVE-2012-3325,
PM71296]
The session identifier is not properly updated, so an attacker can
gain privileges of the victim. [severity:2/4; BID-55678,
CVE-2012-3304, PM54356]
When a Federated Repository is used, WOLA (Optimized Local
Adapters) connections are allowed to EJB applications.
[severity:2/4; BID-55671, CVE-2012-3311, PM61388]
When there are several security domains, the authentication cache
is not properly purged. [severity:2/4; BID-55678, CVE-2012-3306,
PM66514]
An attacker can send malicious SSL packets, in order to create a
denial of service (VIGILANCE-VUL-12037 (https://vigilance.fr/tree/1/12037)
and VIGILANCE-VUL-12038 (https://vigilance.fr/tree/1/12038)).
[severity:2/4; BID-55185, CVE-2012-2190, CVE-2012-2191, PM66218]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/WebSphere-AS-7-0-seven-vulnerabilities-11973