IBM WebSphere Application Multiple Vulnerabilities Jul-11

Summary
The host is running IBM WebSphere Application Server and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote users to gain sensitive information to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage parameter. Impact Level: Application
Solution
Upgrade to BM WebSphere Application Server 6.1.0.39 or 7.0.0.19 For updates refer to http://www-01.ibm.com/software/webservers/appserv/was/
Insight
Multiple flaws are due to an error in, - handling 'logoutExitPage' parameter, which allows to bypass security restrictions. - handling Administration Console requests, which allows local attacker to obtain sensitive information.
Affected
IBM WebSphere Application Server 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19
References