漏洞类别:Local
漏洞等级: 
漏洞信息
IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications.
IBM WebSphere Application Server is vulnerable to a HTTP response splitting attack. This can be exploited by sending a specially crafted request which returns a split HTTP response.
Affected Versions:
IBM WebSphere Application Server :
Liberty
Version 8.5.5
Version 8.5
Version 8.0
Version 7.0
QID Detection Logic (Unauthenticated):
This QID matches vulnerable versions in the response it receives by sending a HTTP GET request to target.
QID Detection Logic (Authenticated):
Operating Systems: Windows 7 The QID checks if the file %ProgramFiles%\IBM\WebSphere\AppServer\bin\WASService.exe exists on the target or not.
The QID checks the file %programfiles%\IBM\WebSphere\AppServer\properties\version\WAS.product to get the version of IBM WebSphere Application Server
The QID if Interim fix PI58918 is applied on the vulnerable versions of IBM WebSphere Application Server -
This QID checks for the file
The following Versions and Interim Fixes checked swg21982526:
WebSphere Application Server version 8.5.0.0 through 8.5.5.9
WebSphere Application Server version 8.0.0.0 through 8.0.0.12
WebSphere Application Server version 7.0.0.0 through 7.0.0.41
Interim Fix - PI58918
漏洞危害
The vulnerability would cause the server to return a split response once it recieves a specially-crafted request.
解决方案
The vendor has released a fix to resolve the issue, please refer to Recommended fixes for WebSphere Application Serverfor more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论