[2/5] WebSphere Application Server Community Edition WebDAV Content Disclosure

November 1st, 2007 by

[2/5] WebSphere Application Server Community Edition WebDAV Content Disclosure

:IBM has acknowledged a vulnerability in WebSphere Application Server Community Edition, which can be exploited by malicious users to disclose potentially sensitive information.For more information:SA27398Successful exploitation requires a configured write-enabled Webdav servlet.The vulnerability is reported in all versions of WebSphere Application Server Community Edition.Solution:The vendor recommends reconfiguring or extending the Webdav servlet. See the vendor’s advisory for details.Original Advisory:http://www-1.ibm.com/support/docview.wss?uid=swg21286112Other References:SA27398:http://secunia.com/advisories/27398/

Original post by nitish

[2/5] WebSphere Application Server Community Edition WebDAV Content Disclosure

Related Articles:

[2/5] IBM WebSphere Application Server Community Edition SQLLoginModule Security Bypass

[2/5] IBM WebSphere Application Server Community Edition MEJB Security Bypass

[1/5] IBM WebSphere Application Server serveServletsByClassnameEnabled Information Disclosure

[1/5] WebSphere Application Server for z/OS HTTP Server Denial of Service

[2/5] Apache Geronimo WebDAV Arbitrary File Content Disclosure

Posted in Advisories - Exploits | | [2/5] WebSphere Application Server Community Edition WebDAV Content Disclosure

<< [2/5] rPath update for cups | [2/5] IBM Tivoli Continuous Data Protection for Files Insecure Permissions >>

Cybertrion Systems

[2/5] WebSphere Application Server Community Edition WebDAV Content Disclosure

Categories

Archives:

Search:

Meta: