IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities - Nessus

High   Plugin ID: 76967

This page contains detailed information about the Nessus plugin IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities, including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying this vulnerability.

Plugin Overview


ID: 76967
Name: IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities
Filename: websphere_7_0_0_33.nasl
Vulnerability Published: 2014-05-01
This Plugin Published: 2014-08-01
Last Modification Time: 2019-11-25
Plugin Version: 1.13
Plugin Type: remote
Plugin Family: Web Servers
Dependencies: websphere_detect.nasl
Required KB Items: www/WebSphere

Vulnerability Information


Severity: High
Vulnerability Published: 2014-05-01
Patch Published: 2014-06-23
CVE: CVE-2013-6323, CVE-2013-6329, CVE-2013-6438, CVE-2013-6738, CVE-2013-6747, CVE-2014-0050, CVE-2014-0098, CVE-2014-0114, CVE-2014-0453, CVE-2014-0460, CVE-2014-0859, CVE-2014-0878, CVE-2014-0891, CVE-2014-0963, CVE-2014-0965, CVE-2014-3022
CPE: cpe:/a:ibm:websphere_application_server

Synopsis

The remote application server is affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running on the remote host. It is, therefore, affected by the following vulnerabilities:

- A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6323, PI04777 and PI04880)

- A denial of service flaw exists within the Global Security Kit when handling SSLv2 resumption during the SSL/TLS handshake. This could allow a remote attacker to crash the program. (CVE-2013-6329, PI05309)

- A buffer overflow flaw exists in the HTTP server with the mod_dav module when using add-ons. This could allow a remote attacker to cause a buffer overflow and a denial of service. (CVE-2013-6438, PI09345)

- A cross-site scripting flaw exists within OAuth where user input is not properly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6738, PI05661)

- A denial of service flaw exists within the Global Security Kit when handling an X.509 certificate chain during the initiation of an SSL/TLS connection. A remote attacker, using a malformed certificate chain, could cause the client or server to crash by hanging the Global Security Kit. (CVE-2013-6747, PI09443)

- A denial of service flaw exists within the Apache Commons FileUpload when parsing a content-type header for a multipart request. A remote attacker, using a specially crafted request, could crash the program. (CVE-2014-0050, PI12648, PI12926 and PI13162)

- A denial of service flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028)

- A remote code execution flaw exists with Apache Struts. The failure to restrict setting of Class loader attributes could allow a remote attacker to execute arbitrary script code. (CVE-2014-0114, PI17190)

- An information disclosure flaw exists in the 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding. This may allow a remote attacker to gain timing information intended to be protected by encryption. (CVE-2014-0453)

- A flaw exists within 'com.sun.jndi.dns.DnsClient' related to the randomization of query IDs. This could allow a remote attacker to conduct spoofing attacks. (CVE-2014-0460)

- A denial of service flaw exists in a web server plugin on servers configured to retry failed POST requests. This could allow a remote attacker to crash the application. (CVE-2014-0859, PI08892)

- A flaw exists with the 'IBMJCE' and 'IBMSecureRandom' cryptographic providers by generating numbers in a predictable manner. This could allow a remote attacker to easily guess the output of the random number generator. (CVE-2014-0878)

- An information disclosure flaw exists within Proxy and ODR servers. This could allow a remote attacker, using a specially crafted request, to gain access to potentially sensitive information. (CVE-2014-0891, PI09786)

- A denial of service flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component. This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. (CVE-2014-0963, PI17025)

- An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information. (CVE-2014-0965, PI11434)

- An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information. (CVE-2014-3022, PI09594)

Solution

If using WebSphere Application Server, apply Fix Pack 33 (7.0.0.33) or later.

Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Public Exploits


Target Network Port(s): 8880, 8881
Target Asset(s): Services/www
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities vulnerability:

  1. Metasploit: exploit/multi/http/struts_code_exec_classloader
    [Apache Struts ClassLoader Manipulation Remote Code Execution]
  2. Metasploit: auxiliary/dos/http/apache_commons_fileupload_dos
    [Apache Commons FileUpload and Apache Tomcat DoS]
  3. Exploit-DB: exploits/multiple/dos/31615.rb
    [EDB-31615: Apache Commons FileUpload and Apache Tomcat - Denial of Service]
  4. Exploit-DB: exploits/multiple/remote/41690.rb
    [EDB-41690: Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution (Metasploit)]
  5. GitHub: https://github.com/GiJ03/ReconScan
    [CVE-2013-6438]
  6. GitHub: https://github.com/RoliSoft/ReconScan
    [CVE-2013-6438]
  7. GitHub: https://github.com/issdp/test
    [CVE-2013-6438]
  8. GitHub: https://github.com/keloud/TEC-MBSD2017
    [CVE-2013-6438]
  9. GitHub: https://github.com/matoweb/Enumeration-Script
    [CVE-2013-6438]
  10. GitHub: https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
    [CVE-2013-6438]
  11. GitHub: https://github.com/NCSU-DANCE-Research-Group/CDL
    [CVE-2014-0050]
  12. GitHub: https://github.com/adedov/victims-version-search
    [CVE-2014-0050]
  13. GitHub: https://github.com/jrrdev/cve-2014-0050
    [CVE-2014-0050: CVE-2014-0050 Vulnerable site sample]
  14. GitHub: https://github.com/GiJ03/ReconScan
    [CVE-2014-0098]
  15. GitHub: https://github.com/RoliSoft/ReconScan
    [CVE-2014-0098]
  16. GitHub: https://github.com/issdp/test
    [CVE-2014-0098]
  17. GitHub: https://github.com/keloud/TEC-MBSD2017
    [CVE-2014-0098]
  18. GitHub: https://github.com/matoweb/Enumeration-Script
    [CVE-2014-0098]
  19. GitHub: https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
    [CVE-2014-0098]
  20. GitHub: https://github.com/aenlr/strutt-cve-2014-0114
    [CVE-2014-0114]
  21. GitHub: https://github.com/ian4hu/super-pom
    [CVE-2014-0114]
  22. GitHub: https://github.com/rgielen/struts1filter
    [CVE-2014-0114: A request parameter filter solution for Struts 1 CVE-2014-0114 based on the work of ...]
  23. GitHub: https://github.com/stevegy/jmap
    [CVE-2014-0114]
  24. GitHub: https://github.com/vikasvns2000/StrutsExample
    [CVE-2014-0114]
  25. GitHub: https://github.com/zema1/oracle-vuln-crawler
    [CVE-2014-0114]
  26. GitHub: https://github.com/epsylon/orb
    [CVE-2014-0963]
  27. GitHub: https://github.com/ricedu/struts1-patch
    [CVE-2014-0114: Struts1 CVE-2014-0114 classLoader manipulation vulnerability patch]

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. Otherwise, this would be considered illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information


CVSS Score Source: CVE-2014-0114
CVSS V2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C
CVSS Base Score: 7.5 (High)
Impact Subscore: 6.4
Exploitability Subscore: 10.0
CVSS Temporal Score: 6.2 (Medium)
CVSS Environmental Score: NA (None)
Modified Impact Subscore: NA
Overall CVSS Score: 6.2 (Medium)


Plugin Source


This is the websphere_7_0_0_33.nasl nessus plugin source code. This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(76967);
  script_version("1.13");
  script_cvs_date("Date: 2019/11/25");

  script_cve_id(
    "CVE-2013-6323",
    "CVE-2013-6329",
    "CVE-2013-6438",
    "CVE-2013-6738",
    "CVE-2013-6747",
    "CVE-2014-0050",
    "CVE-2014-0098",
    "CVE-2014-0114",
    "CVE-2014-0453",
    "CVE-2014-0460",
    "CVE-2014-0859",
    "CVE-2014-0878",
    "CVE-2014-0891",
    "CVE-2014-0963",
    "CVE-2014-0965",
    "CVE-2014-3022"
  );
  script_bugtraq_id(
    64249,
    65156,
    65400,
    66303,
    66914,
    66916,
    67051,
    67121,
    67238,
    67335,
    67579,
    67601,
    67720,
    68210,
    68211
  );

  script_name(english:"IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities");
  script_summary(english:"Reads the version number from the SOAP port.");

  script_set_attribute(attribute:"synopsis", value:
"The remote application server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running
on the remote host. It is, therefore, affected by the following
vulnerabilities :

  - A cross-site scripting flaw exists within the
    Administration Console, where user input is improperly
    validated. This could allow a remote attacker, with a
    specially crafted request, to execute arbitrary script
    code within the browser / server trust relationship.
    (CVE-2013-6323, PI04777 and PI04880)

  - A denial of service flaw exists within the Global
    Security Kit when handling SSLv2 resumption during the
    SSL/TLS handshake. This could allow a remote attacker
    to crash the program. (CVE-2013-6329, PI05309)

  - A buffer overflow flaw exists in the HTTP server with
    the mod_dav module when using add-ons. This could allow
    a remote attacker to cause a buffer overflow and a
    denial of service. (CVE-2013-6438, PI09345)

  - A cross-site scripting flaw exists within OAuth where
    user input is not properly validated. This could allow
    a remote attacker, with a specially crafted request, to
    execute arbitrary script code within the browser /
    server trust relationship. (CVE-2013-6738, PI05661)

  - A denial of service flaw exists within the Global
    Security Kit when handling X.509 certificate chain
    during the initiation of an SSL/TLS connection. A remote
    attacker, using a malformed certificate chain, could
    cause the client or server to crash by hanging the
    Global Security Kit. (CVE-2013-6747, PI09443)

  - A denial of service flaw exists within the Apache
    Commons FileUpload when parsing a content-type header
    for a multipart request. A remote attacker, using a
    specially crafted request, could crash the program.
    (CVE-2014-0050, PI12648, PI12926 and PI13162)

  - A denial of service flaw exists in the 'mod_log_config'
    when logging a cookie with an unassigned value. A remote
    attacker, using a specially crafted request, can cause
    the program to crash. (CVE-2014-0098, PI13028)

  - A remote code execution flaw exists with Apache Struts.
    The failure to restrict setting of Class loader
    attributes could allow a remote attacker to
    execute arbitrary script code. (CVE-2014-0114, PI17190)

  - An information disclosure flaw exists in the
    'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding.
    This many allow a remote attacker to gain timing
    information intended to be protected by encryption.
    (CVE-2014-0453)

  - A flaw exists within 'com.sun.jndi.dns.DnsClient'
    related to the randomization of query IDs. This could 
    allow a remote attacker to conduct spoofing attacks.
    (CVE-2014-0460)

  - A denial of service flaw exists in a web server plugin
    on servers configured to retry failed POST request. This
    could allow a remote attacker to crash the application.
    (CVE-2014-0859, PI08892)

  - A flaw exists with the 'IBMJCE' and 'IBMSecureRandom'
    cryptographic providers by generating numbers in a
    predictable manner. This could allow a remote attacker
    to easily guess the output of the random number
    generator. (CVE-2014-0878)

  - An information disclosure flaw exists within Proxy and
    ODR servers. This could allow a remote attacker, using a
    specially crafted request, to gain access to potentially
    sensitive information. (CVE-2014-0891, PI09786)

  - A denial of service flaw exists within the IBM Security
    Access Manager for Web with the Reverse Proxy component.
    This could allow a remote attacker, using specially
    crafted TLS traffic, to cause the application on the
    system to become unresponsive. (CVE-2014-0963, PI17025)

  - An information disclosure flaw exists when handling SOAP
    responses. This could allow a remote attacker to
    potentially gain access to sensitive information.
    (CVE-2014-0965, PI11434)

  - An information disclosure flaw exists. A remote
    attacker, using a specially crafted URL, could gain
    access to potentially sensitive information.
    (CVE-2014-3022, PI09594)");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21676091");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21659548");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21663941");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21667254");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21667526");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21672843");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21672316");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21673013");
  script_set_attribute(attribute:"solution", value:
"If using WebSphere Application Server, apply Fix Pack 33 (7.0.0.33) or
later.

Otherwise, if using embedded WebSphere Application Server packaged
with Tivoli Directory Server, apply the latest recommended eWAS fix
pack.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0114");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Apache Struts ClassLoader Manipulation Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/06/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/01");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("websphere_detect.nasl");
  script_require_keys("www/WebSphere");
  script_require_ports("Services/www", 8880, 8881);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

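# Select the port to check (8880 by default).
port = get_http_port(default:8880, embedded:0);

# Version string stored in the KB for this port; exit if it is missing.
version = get_kb_item_or_exit("www/WebSphere/"+port+"/version");
# Only the 7.0 branch is in scope for this plugin.
if (version !~ "^7\.0([^0-9]|$)") audit(AUDIT_NOT_LISTEN, "IBM WebSphere Application Server 7.0", port);
# A bare "major" or "major.minor" string cannot be compared against a fix pack level.
if (version =~ "^[0-9]+(\.[0-9]+)?$") audit(AUDIT_VER_NOT_GRANULAR, "IBM WebSphere Application Server", port, version);

# Convert each dotted component to an integer for numeric comparison.
ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

# Report any 7.0.0.x build below Fix Pack 33.
if (ver[0] == 7 && ver[1] == 0 && ver[2] == 0 && ver[3] < 33)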
{
  set_kb_item(name:'www/'+port+'/XSS', value:TRUE);

  if (report_verbosity > 0)
  {
    source = get_kb_item_or_exit("www/WebSphere/"+port+"/source");
    report =
      '\n  Version source    : ' + source +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 7.0.0.33' +
      '\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
  exit(0);
}
else audit(AUDIT_LISTEN_NOT_VULN, "IBM WebSphere Application Server", port, version);

The latest version of this script can be found in these locations depending on your platform:

  • Linux / Unix:
    /opt/nessus/lib/nessus/plugins/websphere_7_0_0_33.nasl
  • Windows:
    C:\ProgramData\Tenable\Nessus\nessus\plugins\websphere_7_0_0_33.nasl
  • Mac OS X:
    /Library/Nessus/run/lib/nessus/plugins/websphere_7_0_0_33.nasl


How to Run


Here is how to run the IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

  1. Click to start a New Scan.
  2. Select Advanced Scan.
  3. Navigate to the Plugins tab.
  4. On the top right corner click to Disable All plugins.
  5. On the left side table select Web Servers plugin family.
  6. On the right side table select IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities plugin ID 76967.
  7. Specify the target on the Settings tab and click to Save the scan.
  8. Run the scan.

Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl websphere_7_0_0_33.nasl -t <IP/HOST>

Run the plugin with audit trail message on the console:

/opt/nessus/bin/nasl -a websphere_7_0_0_33.nasl -t <IP/HOST>

Run the plugin with trace script execution written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - websphere_7_0_0_33.nasl -t <IP/HOST>

Run the plugin using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state websphere_7_0_0_33.nasl -t <IP/HOST>


References


CWE | Common Weakness Enumeration:
  • CWE-20 (Weakness) Improper Input Validation
  • CWE-74 (Weakness) Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  • CWE-79 (Weakness) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CWE-442 (Category) DEPRECATED: Web Problems
  • CWE-629 (View) Weaknesses in OWASP Top Ten (2007)
  • CWE-711 (View) Weaknesses in OWASP Top Ten (2004)
  • CWE-712 (Category) OWASP Top Ten 2007 Category A1 - Cross Site Scripting (XSS)
  • CWE-722 (Category) OWASP Top Ten 2004 Category A1 - Unvalidated Input
  • CWE-725 (Category) OWASP Top Ten 2004 Category A4 - Cross-Site Scripting (XSS) Flaws
  • CWE-750 (View) Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors
  • CWE-751 (Category) 2009 Top 25 - Insecure Interaction Between Components
  • CWE-800 (View) Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
  • CWE-801 (Category) 2010 Top 25 - Insecure Interaction Between Components
  • CWE-809 (View) Weaknesses in OWASP Top Ten (2010)
  • CWE-811 (Category) OWASP Top Ten 2010 Category A2 - Cross-Site Scripting (XSS)
  • CWE-864 (Category) 2011 Top 25 - Insecure Interaction Between Components
  • CWE-900 (View) Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors
  • CWE-928 (View) Weaknesses in OWASP Top Ten (2013)
  • CWE-931 (Category) OWASP Top Ten 2013 Category A3 - Cross-Site Scripting (XSS)
  • CWE-990 (Category) SFP Secondary Cluster: Tainted Input to Command

See also: similar and related Nessus plugins:
  • 74293 - IBM WebSphere Portal Apache Commons FileUpload DoS
  • 75324 - openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2014:0528-1)
  • 75325 - openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2014:0527-1)
  • 76110 - IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities
  • 76111 - IBM DB2 10.5 < Fix Pack 3a Multiple Vulnerabilities
  • 76112 - IBM DB2 9.1 TLS/SSL Multiple DoS Vulnerabilities
  • 76113 - IBM DB2 9.5 <= Fix Pack 9 or 10 Multiple Vulnerabilities
  • 76114 - IBM DB2 9.7 < Fix Pack 9a Multiple Vulnerabilities
  • 76115 - IBM DB2 9.8 <= Fix Pack 5 Multiple Vulnerabilities
  • 76240 - RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0525)
  • 76241 - RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0526)
  • 76242 - RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0783)
  • 76303 - GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)
  • 76388 - VMware vCenter Operations Management Suite Multiple Vulnerabilities (VMSA-2014-0007)
  • 76398 - RHEL 5 / 6 : JBoss EAP (RHSA-2014:0826)
  • 76450 - Scientific Linux Security Update : tomcat6 on SL6.x i386/srpm/x86_64 (20140709)
  • 76570 - Oracle Secure Global Desktop Multiple Vulnerabilities (July 2014 CPU)
  • 76995 - IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities
  • 77048 - SuSE 11.3 Security Update : Apache Web Server (SAT Patch Number 9542)
  • 77291 - openSUSE Security Update : apache2 (openSUSE-SU-2014:1045-1)
  • 77292 - openSUSE Security Update : apache2 (openSUSE-SU-2014:1044-1)
  • 77306 - Debian DSA-2940-1 : libstruts1.2-java - security update
  • 77326 - Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)
  • 77351 - Fedora 20 : struts-1.3.10-10.fc20 (2014-9380)
  • 77438 - IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple Vulnerabilities
  • 77456 - GLSA-201408-12 : Apache HTTP Server: Multiple vulnerabilities
  • 77535 - IBM WebSphere Portal Apache Struts ClassLoader Manipulation RCE
  • 77630 - VMSA-2014-0008 : VMware vSphere product updates to third-party libraries
  • 77728 - VMware Security Updates for vCenter Server (VMSA-2014-0008)
  • 77810 - IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)
  • 77811 - IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)
  • 77812 - IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities
  • 78165 - F5 Networks BIG-IP : Apache Commons FileUpload vulnerability (K15189)
  • 78274 - Amazon Linux AMI : httpd (ALAS-2014-331)

Version


This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file websphere_7_0_0_33.nasl version 1.13. For more plugins, visit the Nessus Plugin Library.
