| VID |
22471 |
| Severity |
30 |
| Port |
8880, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
A version of IBM WebSphere Application Server which is older than 6.1.0.19 is running on the host. IBM WebSphere Application Server versions 6.1 prior to 6.1.0.19 could allow a remote attacker to obtain sensitive information, caused due to an unspecified error in "Servlet Engine/Web Container" when the "FileServing" feature is enabled. This vulnerability has unknown impact and attack vectors.
* Note: This check solely relied on the banner of the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www-01.ibm.com/support/docview.wss?uid=swg27007951#61019
http://www.frsirt.com/english/advisories/2008/2566
http://secunia.com/advisories/31892
* Platforms Affected:
IBM WebSphere Application Server versions 6.1 prior to 6.1.0.19 |
| Recommendation |
Upgrade to the latest version of IBM WebSphere Application Server (Fix Pack 19 (6.1.0.19) or later), available from the IBM Support & downloads Web site at http://www-01.ibm.com/support/docview.wss?uid=swg27007951#61019 |
| Related URL |
CVE-2008-4111 (CVE) |
| Related URL |
31186,31839 (SecurityFocus) |
| Related URL |
45122 (ISS) |
|
