Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15421
HistoryDec 18, 2006 - 12:00 a.m.

[SA23414] IBM WebSphere Application Server Multiple Vulnerabilities

2006-12-1800:00:00
vulners.com
8

TITLE:
IBM WebSphere Application Server Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA23414

VERIFY ADVISORY:
http://secunia.com/advisories/23414/

CRITICAL:
Moderately critical

IMPACT:
Unknown, Exposure of system information, Exposure of sensitive
information

WHERE:
>From remote

SOFTWARE:
IBM WebSphere Application Server 6.0.x
http://secunia.com/product/4651/

DESCRIPTION:
Some vulnerabilities have been reported in IBM WebSphere Application
Server, where some have unknown impacts and others can potentially be
exploited to disclose certain sensitive information.

1) An unspecified vulnerability in the Servlet Engine/Web Container
can potentially be exploited to disclose JSP source code.

2) A vulnerability exists in a General component due to an
unspecified error. No more information is currently available.

SOLUTION:
Update to version 6.0.2 Fix Pack 17.
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24014306

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24014306


About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.