漏洞类别:Local
漏洞等级: 
漏洞信息
IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications.
IBM WebSphere Application Server has a insecure file permissions vulnerability resulting in log files to have different permissions other than expected.
Affected Versions:
IBM WebSphere Application Server :
Liberty
Version 9.0
Version 8.5.5
Version 8.5
Version 8.0
Version 7.0
QID Detection Logic (Unauthenticated):
This QID matches vulnerable versions in the response it receives by sending a HTTP GET request to target or retrieving by the banner information via the GIOP protocol.
QID Detection Logic (Authenticated):
Operating Systems: Windows
The QID checks if the file %ProgramFiles%\IBM\WebSphere\AppServer\bin\WASService.exe exists on the target or not.
The QID checks the file %programfiles%\IBM\WebSphere\AppServer\properties\version\WAS.product to get the version of IBM WebSphere Application Server
The QID checks if Interim fix PI79343 is applied on the vulnerable versions of IBM WebSphere Application Server -
This QID checks for the file
The following Versions and Interim Fixes checked swg22004785:
WebSphere Application Server version 9.0.0.0 through 9.0.0.4
WebSphere Application Server version 8.5.0.0 through 8.5.5.11
WebSphere Application Server version 8.0.0.0 through 8.0.0.13
WebSphere Application Server version 7.0.0.0 through 7.0.0.43
Interim Fix -PI79343
漏洞危害
Successful exploitation of the vulnerability will result in log files to have different permissions other than expected.
解决方案
The vendor has released a fix to resolve the issue, please refer to Recommended fixes for WebSphere Application Serverfor more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论