ID CVE-2012-3330
Summary The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request.
References
Vulnerable Configurations
  • IBM WebSphere Application Server 7.0.0.5
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.5
  • IBM WebSphere Application Server 7.0.0.9 (Fix Pack 9)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.9
  • IBM WebSphere Application Server 7.0.0.19 (Fix Pack 19)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.19
  • IBM WebSphere Application Server 7.0.0.2
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.2
  • IBM WebSphere Application Server 7.0
    cpe:2.3:a:ibm:websphere_application_server:7.0
  • IBM WebSphere Application Server 7.0.0.6
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.6
  • IBM WebSphere Application Server 7.0.0.8
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.8
  • IBM WebSphere Application Server 7.0.0.7
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.7
  • IBM WebSphere Application Server 7.0.0.25 (Fix Pack 25)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.25
  • IBM WebSphere Application Server 7.0.0.11 (Fix Pack 11)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.11
  • IBM WebSphere Application Server 7.0.0.4
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.4
  • IBM WebSphere Application Server 7.0.0.3
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.3
  • IBM WebSphere Application Server 7.0.0.1
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.1
  • IBM WebSphere Application Server 7.0.0.13 (Fix Pack 13)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.13
  • IBM WebSphere Application Server 7.0.0.21
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.21
  • IBM WebSphere Application Server 7.0.0.23
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.23
  • IBM WebSphere Application Server 7.0.0.17 (Fix Pack 17)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.17
  • IBM WebSphere Application Server 7.0.0.15 (Fix Pack 15)
    cpe:2.3:a:ibm:websphere_application_server:7.0.0.15
  • IBM WebSphere Application Server 8.0.0.0
    cpe:2.3:a:ibm:websphere_application_server:8.0.0.0
  • IBM WebSphere Application Server 8.0.0.1
    cpe:2.3:a:ibm:websphere_application_server:8.0.0.1
  • IBM WebSphere Application Server 8.0.0.2 (Fix Pack 2)
    cpe:2.3:a:ibm:websphere_application_server:8.0.0.2
  • IBM WebSphere Application Server 8.0.0.3 (Fix Pack 3)
    cpe:2.3:a:ibm:websphere_application_server:8.0.0.3
  • IBM WebSphere Application Server 8.0.0.4 (Fix Pack 4)
    cpe:2.3:a:ibm:websphere_application_server:8.0.0.4
  • IBM WebSphere Application Server 8.5.0.0
    cpe:2.3:a:ibm:websphere_application_server:8.5.0.0
CVSS
Base: 5.0 (as of 14-11-2012 - 13:51)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: PARTIAL
nessus via4
  • NASL family Web Servers
    NASL id WEBSPHERE_8_0_0_5.NASL
    description IBM WebSphere Application Server 8.0 before Fix Pack 5 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists related to the Administrative Console that can allow an attacker to hijack sessions. (CVE-2012-3304, PM54356) - An unspecified directory traversal error exists that can allow remote attackers to overwrite files outside the application's deployment directory. (CVE-2012-3305, PM62467) - When multi-domain support is enabled, the application does not properly purge passwords from the authentication cache. (CVE-2012-3306, PM66514) - An error exists related to Federated Repositories for IIOP connections, Optimized Local Adapters and CBIND checking that can allow a local attacker to access or modify arbitrary files. Note this issue only affects the application when hosted on z/OS. (CVE-2012-3311, PM61388) - The fix contained in PM44303 contains an error that can allow an authenticated attacker to bypass security restrictions and gain administrative access to the application. (CVE-2012-3325, PM71296) - A request validation error exists related to the proxy server component that could allow a remote attacker to cause the proxy status to be reported as disabled, thus denying applications access to the proxy. (CVE-2012-3330, PM71319)
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 64380
    published 2013-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64380
    title IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities
  • NASL family Web Servers
    NASL id WEBSPHERE_8_5_0_1.NASL
    description IBM WebSphere Application Server 8.5 before Fix Pack 1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists related to the 'Eclipse Help System' that can allow arbitrary redirect responses to HTTP requests. (CVE-2012-2159, PM66410) - Several errors exist related to SSL/TLS that can allow an attacker to carry out denial of service attacks against the application. (CVE-2012-2190, CVE-2012-2191, PM66218) - Unspecified cross-site scripting issues exist related to the administrative console. (CVE-2012-3293, PM60839) - An unspecified error in the 'ISC Console' can allow a remote attacker to take over a valid user's session. (CVE-2012-3304, PM54356) - An unspecified directory traversal error exists that can allow remote attackers to overwrite files outside the application's deployment directory. (CVE-2012-3305, PM62467) - When multi-domain support is enabled, the application does not properly purge passwords from the authentication cache. (CVE-2012-3306, PM66514) - An error exists related to 'Federated Repositories', 'IIOP' connections, 'CBIND' checking and 'Optimized Local Adapters' that can allow a remote attacker to bypass security restrictions. Note that this issue affects the application when running on z/OS. (CVE-2012-3311, PM61388) - The fix contained in PM44303 contains an error that can allow an authenticated attacker to bypass security restrictions and gain administrative access to the application. (CVE-2012-3325, PM71296) - A request validation error exists related to the proxy server component that can allow a remote attacker to cause the proxy status to be reported as disabled thus denying applications access to the proxy. (CVE-2012-3330, PM71319) - A request validation error exists related to the 'Liberty Profile' and 'JAX-RS' that can allow a remote attacker to elevate privileges. (CVE-2012-4850, PM67082) - A user-supplied input validation error exists related to the 'Liberty Profile' that can allow cross-site scripting attacks to be carried out. (CVE-2012-4851, PM68643) - A user-supplied input validation error exists that can allow cross-site request forgery (CSRF) attacks to be carried out. (CVE-2012-4853, PM62920)
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 62975
    published 2012-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62975
    title IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities
  • NASL family Web Servers
    NASL id WEBSPHERE_7_0_0_27.NASL
    description IBM WebSphere Application Server 7.0 before Fix Pack 27 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - A request validation error exists related to the proxy server component that could allow a remote attacker to cause the proxy status to be reported as disabled, thus denying applications access to the proxy. (CVE-2012-3330, PM71319) - A user-supplied input validation error exists that could allow cross-site request forgery (CSRF) attacks to be carried out. (CVE-2012-4853, PM62920) - Unspecified errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458, CVE-2013-0459, CVE-2013-0460, PM71139, PM72536, PM72275) - An unspecified error exists related to the administration console for 'virtual member manager' (VMM) that can allow cross-site scripting. (CVE-2013-0461, PM71389)
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 64097
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64097
    title IBM WebSphere Application Server 7.0 < Fix Pack 27 Multiple Vulnerabilities
refmap via4
aixapar PM71319
confirm http://www.ibm.com/support/docview.wss?uid=swg21614265
xf was-proxy-dos(78047)
Last major update 14-11-2012 - 13:59
Published 14-11-2012 - 07:30
Last modified 28-08-2017 - 21:31