| VID |
14084 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
variables.xml which is the configuration file of WebSphere Application Server is not safe for secuirty reasons.
The environmental variables about WebSphere Application Server are stored in variables.xml file. If there is permission to write to the file, Serious problems can occur for secuirty reason. Therefore, Restriction is necessary for non-administrative users to write.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Remove other user's write permissions from the file as the following
chmod o-w (if the group has write permission: g-w) ./variables.xml
ex) chmod o-w {was_profile_root}/<AppSrv_name>/config/cells/<Cell_name>/variables.xml
ex) chmod g-w {was_profile_root}/<AppSrv_name>/config/cells/<Cell_name>/variables.xml |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
