|
Remote Buffer overflow in WebSphere Application Server Administrative Console
June 2, 2005
Risk Level: High
Affected versions:
IBM WebSphere Application Server 5.0
Credits:
This vulnerability was discovered and researched by Esteban Martínez Fayó of Argeniss for Application Security Inc.
Background:
The Administrative Console is a web-based tool used to manage the IBM WebSphere Application Server administrative server. The Administrative Console supports a full range of product administrative activities.
Details:
There is a Unicode buffer overflow in the WebSphere Application Server Administrative Console. The security vulnerability exists in the authentication mechanism. It can be exploited when the 'global security option' is enabled in the server and configured with Local OS registry. The authentication process takes place only when the 'global security option' is enabled in the server. The vulnerability can not be exploited if the security option is disabled or when LDAP user registry is used. Windows and Unix versions are affected. The default TCP ports where this vulnerability can be exploited include 9080 (HTTP), 9090 (HTTP) and 9043 (HTTPS).
Impact:
Unauthenticated attackers may execute arbitrary code in the context of the server process.
Workaround:
Use LDAP user registry instead of Local OS registry. The attack surface can be reduced by denying access to untrusted users on TCP ports 9080, 9090 and 9043.
Vendor Status:
Vendor was contacted and a patch was released.
Fix:
Apply the WebSphere Application Server 5.0.2 Cumulative Fix 11. The patch can be found here:
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24009775
|
