CIA Security Research, Security Alerts, Security Tools for Application Security

- Top Vulnerabilities

- Resources

- Alerts

- Disclosure Guidelines

- Library Updates

- Cenzic Newsletter

- White Paper Download

CIA RESEARCH

Alerts

[CIA-1049-Alert] IBM Websphere Multiple Vulnerabilities

Summary:

Vulnerabilities were disclosed in the 5.x and 4.x releases of Websphere that should be addressed by sites running affected releases.

Technical Details:

Various versions of IBM Websphere are vulnerable to attacks that allow source code disclosure or denial of service attacks.

JSP Disclosure

The Java Server Page Source Disclosure Vulnerability affects Websphere versions 4.0.1 through 4.0.3. Under certain conditions the JSP source of files can be displayed rather than the intended page. Displaying the page source is not only a disclosure of confidential information, but it may help an attacker find other vulnerabilities in the web application running on the the Websphere Host.

Denial of service via overly long Header values

IBM WebSphere Lets Remote Users deny service with malformed headers on certain 5.X versions of websphere. Affected versions are listed below.

5.0 release versions 5.0.2.15 and prior.
5.1 release versions 5.1.1.9 and prior

Sending Large Header values to affected versions can cause the server to crash. An attacker could construct malicious headers with a wide variety of tools, although the precise header length required to crash the server has not been disclosed.

Solution:

To eliminate the Source Code disclosure vulnerability apply the appropriate fix packs available from the vendor, or upgrade to version 5.0.2.16 if you are running a 5.0 version. Uograde to 5.1.1.10 if you are running a 5.1 Websphere release. Additional information is available at the URL below:

www.ibm.com/support/docview.wss?uid=swg21053738

The Denial of Service vulnerability affecting 4.0.1 through 4.0.3 can be eliminated by APAR (PQ62144) as well as upgrading to version 4.0.4. Additional information is available at the URL below:

www.ibm.com/support/docview.wss?uid=swg21053738

CVE Reference:

GENERIC-MAP-NOMATCH

SecurityTracker Number(s):

1015716, 1015857

Vendor URL:

www.ibm.com

About the Cenzic CIA Team:

Cenzic Intelligent Analysis (CIA) is Cenzic's research arm that focuses on continuous research for application vulnerabilities. Industry Research, Vulnerability assessment, penetration testing, and security testing - that's what Cenzic Intelligent Analysis Research is all about. Cenzic has dedicated experts whose sole job is to perform ongoing research to find not only common vulnerabilities but also vulnerabilities found in customer applications and make them available to our customers and to the community at large.

About Cenzic:

Cenzic provides Hailstorm® the revolutionary enterprise software suite for automated application security assessment and compliance that allows corporations and government organizations to dramatically improve the security of commercial and custom applications. Hailstorm enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities, and verify compliance with security policies. Benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Cenzic's customers are currently in the financial services and e-marketplaces sectors. For more information visit www.cenzic.com or call 1-866-4-CENZIC


>	Datasheet: Hailstorm Enterprise ARC
>	Datasheet: Hailstorm Pro
>	Datasheet: Hailstorm Starter
>	Datasheet: Hailstorm Core
>	White Paper: Beyond Simple Vulnerabilities Scanning
>	White Paper: Cross Frame Scripting
>	White Paper: Cenzic Imperative Assessment Plan
>	White Paper: Enabling Security in the Software Development Lifecycle (PDF)