Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NEWS] WebSphere Application Server Administrative Console Buffer Overfl

from [SecuriTeam] Network Security [Permanent Link]
Subject: [NEWS] WebSphere Application Server Administrative Console Buffer Overflow
Date: 12 Jun 2005 11:10:18 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  WebSphere Application Server Administrative Console Buffer Overflow
------------------------------------------------------------------------


SUMMARY

"The Administrative Console is a web-based tool used to manage the IBM 
WebSphere Application Server administrative server. The Administrative 
Console supports a full range of product administrative activities."

A buffer overflow in the WebSphere Application Server Administrative 
Console allows attackers to execute arbitrary code from remote.

DETAILS

Vulnerable Systems:
 * IBM WebSphere Application Server 5.0

Immune Systems:
 * IBM WebSphere Application Server 5.0.2.11

There is a buffer overflow in the WebSphere Application Server 
Administrative Console. The security vulnerability exists in the 
authentication mechanism. The authentication process takes place only when 
the 'global security option' is enabled in the server. The vulnerability 
can not be exploited if the security option is disabled. The default TCP 
ports where this vulnerability can be exploited include 9080 (HTTP), 9090 
(HTTP) and 9043 (HTTPS).

Exploitation of this vulnerability allows unauthenticated attackers to 
execute arbitrary code with the context of the server process.

Workaround:
The attack surface can be reduced by denying access to untrusted users on 
TCP ports 9080, 9090 and 9043.

Patch Availability:
Apply the WebSphere Application Server 5.0.2 Cumulative Fix 11. The patch 
can be found here:  
<http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24009775> 
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24009775.


ADDITIONAL INFORMATION

The information has been provided by  <mailto:shatter@appsecinc.com> Team 
SHATTER.
The original article can be found at:  
<http://www.appsecinc.com/resources/alerts/general/WEBSPHERE-001.html> 
http://www.appsecinc.com/resources/alerts/general/WEBSPHERE-001.html



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NEWS] WebSphere Application Server Administrative Console Buffer Overflow, SecuriTeam <=
Previous by Date:  [UNIX] xmysqladmin Insecure Temporary File Creation, SecuriTeam
Next by Date:  [EXPL] WebHints Remote Command Execution (Exploit, hints.pl), SecuriTeam
Previous by Thread:  [UNIX] xmysqladmin Insecure Temporary File Creation, SecuriTeam
Next by Thread:  [EXPL] WebHints Remote Command Execution (Exploit, hints.pl), SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]