TITLE:
IBM WebSphere Application Server Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA23414
VERIFY ADVISORY:
http://secunia.com/advisories/23414/
CRITICAL:
Moderately critical
IMPACT:
Unknown, Exposure of system information, Exposure of sensitive
information
WHERE:
>From remote
SOFTWARE:
IBM WebSphere Application Server 6.0.x
http://secunia.com/product/4651/
DESCRIPTION:
Some vulnerabilities have been reported in IBM WebSphere Application
Server, where some have unknown impacts and others can potentially be
exploited to disclose certain sensitive information.
1) An unspecified vulnerability in the Servlet Engine/Web Container
can potentially be exploited to disclose JSP source code.
2) A vulnerability exists in a General component due to an
unspecified error. No more information is currently available.
SOLUTION:
Update to version 6.0.2 Fix Pack 17.
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24014306
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24014306
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.