Summary
The host is running IBM WebSphere Application Server and is prone to information disclosure vulnerability.
Impact
Successful exploitation will allow remote unauthorized attackers to access or view files or obtain sensitive information.
Impact Level: Application
Solution
For WebSphere Application Server 6.0:
Apply the latest Fix Pack (6.0.2.39 or later) or APAR PK91414
For WebSphere Application Server 6.1:
Apply the latest Fix Pack (6.1.0.29 or later) or APAR PK91414
For WebSphere Application Server 7.1:
Apply the latest Fix Pack (7.0.0.7 or later) or APAR PK91414
For updates refer to http://www.ibm.com/support/docview.wss?uid=swg1PK91414
Insight
The flaw is due to an error in the Java Naming and Directory Interface (JNDI) implementation. It does not properly restrict access to UserRegistry object methods, which allows remote attackers to obtain sensitive information via a crafted method call.
Affected
IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7
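To turn the affected ranges above into a quick inventory check, here is an added Python example (not part of the original advisory or of any IBM tooling). The fixed versions are taken from this advisory; the host inventory in the block is constructed sample data.

```python
import re

# First fixed version per affected branch, as listed in the advisory:
# 6.0 before 6.0.2.39, 6.1 before 6.1.0.29, 7.0 before 7.0.0.7.
FIXED_VERSIONS = {
    (6, 0): (6, 0, 2, 39),
    (6, 1): (6, 1, 0, 29),
    (7, 0): (7, 0, 0, 7),
}


def parse_version(text):
    """Parse a dotted WebSphere version ('7.0.0.5') into a 4-tuple.

    Versions with fewer than four components are padded with zeros so
    that '6.1' compares as 6.1.0.0."""
    if not re.fullmatch(r"\d+(\.\d+){0,3}", text.strip()):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def is_vulnerable(version):
    """True if the version falls in an affected range of CVE-2009-2747."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(v[:2])
    if fixed is None:
        return False  # branch not named as affected by this advisory
    return v < fixed  # tuples compare lexicographically


def triage(inventory):
    """Return hostnames whose WAS version is still in an affected range."""
    return [host for host, ver in inventory.items() if is_vulnerable(ver)]


# Constructed sample inventory: hostname -> reported WAS version.
SAMPLE_INVENTORY = {
    "was-prod-01": "6.0.2.37",
    "was-prod-02": "6.1.0.29",
    "was-test-01": "7.0.0.5",
    "was-new-01": "8.0.0.1",
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: apply Fix Pack / APAR PK91414")
```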
References
CVE-2009-2747
Severity
CVSS Base Score: 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N