application servers
Core Security Technologies - CoreLabs Advisory
http://corelabs.coresecurity.com/
IBM WebSphere Application Server Cross-Site Request Forgery
1. *Advisory Information*
Title: IBM WebSphere Application Server Cross-Site Request Forgery
- -------------------
The product is best described by Oracle marketing literature in:
"Oracle WebLogic Server Enterprise Edition offers enterprises the ability to
consolidate their applications on a pool of shared servers for both high
efficiency and superior performance. No other application server has
the proven performance on industry benchmarks across the most varied
chip types and operating systems. Sophisticated High Availability
(HA) features built on clustered instances ensure uptime. Easy-to-use
yet substantial management tools keep systems going without hassle or
expense. By coalescing applications and services onto Oracle WebLogic
R08-08: Several XSS on Orion Application server 2.0 to 2.0.8
Vulnerability found: May 2008 Revalidated 23 July 2009
Vendor informed: 27th July 09
Vulnerability fixed:
Severity: Medium
Title
-----
DDIVRT-2011-33 IBM WebSphere Application Server 'help' Servlet Plug-in Bundle Directory Traversal [CVE-2011-1359]
Severity
--------
High
Date Discovered
---------------
1. Impact on Business
=====================
By exploiting this vulnerability, an internal or external attacker would be able to execute arbitrary remote commands on vulnerable SAP Web Application
Servers, taking complete control of the SAP system.
With these privileges, he would be able to obtain, create, modify and/or delete any business related information stored in the vulnerable SAP system.
- - Risk Level: High
1. Impact on Business
=========================
By exploiting this vulnerability, an unauthenticated attacker would be able to remotely disrupt the SAP Application Server.
This would result in the total unavailability of the ERP functionality, preventing company users from performing the required business processes.
Risk Level: High
2. Advisory Information
[Discussion]
- DcLabs Security Research Group advises about following vulnerability(ies):
[Software]
- TOTVS ERP Microsiga Protheus (Application Server)
[Vendor Product Description]
- Management Software - TOTVS
- TOTVS is a software company, innovation, relationship and support
management, the absolute leader in Brazil with 49.1% market share, and
Severity: CA has given this vulnerability a Medium risk rating.
Affected Products:
CA Cohesion Application Configuration Manager 4.5
CA CMDB Application Server 11.1
Unicenter Service Desk 11.2
Non-Affected Products
CA Cohesion Application Configuration Manager 4.5 SP1
ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-137
April 19, 2011
-- CVE ID:
CVE-2011-0807
-- CVSS:
-----------------
Vendor product information:
PCU400 is the modern product for implementing an effective data acquisition network in SCADA-based systems.
PCU400, Process Communication Unit 400 forms the communication interface to the network of remote terminal units (RTUs) together with the RCS Application Software located in the application server of a Network Manager SCADA system.
The PCU400 can be used as a SCADA front-end, communication gateway for Substation Automation systems or as a standalone protocol converter.
Two parts define the Data Acquisition system:
* RCS Application, a software package running in the Application Server
* PCU400, a front-end converter that implements the protocols and connects the physical lines
Team SHATTER Security Advisory
SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)
August 4, 2008
Risk Level:
High
NGSSoftware Insight Security Research Advisory
Name: PLSQL Injection in Oracle Application Server
Systems Affected: Oracle Application Server 9.0.4.3, 10.1.2.2, 10.1.4.1
Severity: Critical
Vendor URL: http://www.oracle.com/
Author: David Litchfield [ davidl@ngssoftware.com ]
Reported: 9th October 2007
Date of Public Advisory: 15th July 2008
Advisory number: #NISR15072008
ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-260
August 16, 2011
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
SEC Consult Security Advisory < 20090901-0 >
=======================================================================
title: File disclosure vulnerability in JSFTemplating,
Mojarra Scales and GlassFish Application Server v3 Admin
console
products: JSFTemplating (FileStreamer/PhaseListener component)
Mojarra Scales
GlassFish Application Server v3 Preview (Admin console)
vulnerable version: JSFTemplating: all versions < v1.2.11
Mojarra Scales: all versions < v1.3.2
- - Vendor: SAP
- - Affected Components:
* SAP Web Application Server 7.00 Patch Number 95
( Check note 1556749 for detailed information on affected releases)
- - Vulnerability Class: Abuse of designed functionality / Parameter Injection
- - Remotely Exploitable: Yes
Vulnerable Products
+------------------
All versions of Cisco Security Agent for Windows, either managed
or standalone, are affected. Agents that are running on Cisco IP
Communications application servers or agents on systems that are running
the Cisco Security Manager are examples of a standalone implementation.
Standalone agents are installed in the following Cisco IP Communications
products:
Varnish is a state-of-the-art, high-performance HTTP accelerator.
Cherokee is a very fast, flexible and easy to configure Web Server.
thttpd is a simple, small, portable, fast, and secure HTTP server.
mini_httpd is a small HTTP server.
WEBrick is a Ruby library providing simple HTTP web server services.
Orion Application Server is a pure java application-server.
AOLserver is America Online's Open-Source web server.
Yaws is a high-performance HTTP 1.1 web server.
Boa is a single-tasking HTTP server.
II. DESCRIPTION
Vendor: Apache Software Foundation (http://www.apache.org)
Product: Apache MyFaces (http://myfaces.apache.org/)
Versions affected: 1.2.8 and 1.1.7 are confirmed as
vulnerable. All previous versions are likely vulnerable.
Related products: Some versions of IBM WebSphere Application
Server (at least 6.x and 7.x) ship with Apache MyFaces
[8,9]
Description:
MyFaces is an open source implementation of the JavaServer
Faces standard. JavaServer Faces [10] is a framework that
4. Affected Components Description
==================================
The SAP Web Application Server (WebAS) is the application platform of SAP NetWeaver and the basis for the other NetWeaver components. With
the SAP Web Application Server you can implement both server-based and client-based Web applications.
5. Vulnerability Details
========================
* Database
o 9.2.0.8 and lower
o 10.1.0.5 and lower
o 10.2.0.3 and lower
* Application Server
o 9.0.4.3 and lower
o 10.1.2.2 and lower
* Collaboration Suite
o 10.1.2 and lower
resources.
III. DESCRIPTION
-------------------------
A reflected XSS vulnerability has been detected in Oracle Application
Server that allows arbitrary HTML/script code to be executed in the
context of the victim user's browser.
The code injection is done through the DAD name. A DAD (Database
Access Descriptor) is a set of values that specifies how a database
server should fulfill an HTTP request.
Kerberos application client and server software (including third-party
applications) using GSS-API libraries from MIT releases krb5-1.7 and
newer are vulnerable to the DES GSS-API issue if they use GSS-API for
integrity protection of unencrypted messages.
Kerberos application server software (including third-party
applications) using libraries from MIT releases krb5-1.7 and newer are
vulnerable to the PAC issue.
Deployments running exclusively KDCs from releases krb5-1.8 and newer
are not vulnerable to the PAC issue because those KDCs discard
==============================
Multiple XSS - Glassfish Web Interface (Sun Java System Application
Server 9.1_01 (build b09d-fcs) )
==============================
Author: Eduardo Neves a.k.a _eth0_
Date: 14 june 2008
Site: http://webappsecurity.wordpress.com
3. *Vulnerability Description*
Built using the GlassFish Server Open Source Edition, Oracle GlassFish
Server delivers a flexible, lightweight and extensible Java EE 6
platform. It provides a small footprint, fully featured Java EE
application server that is completely supported for commercial
deployment and is available as a standalone offering.
The Administration Console of Oracle GlassFish Server, which is
listening by default on port 4848/TCP, is prone to an authentication
bypass vulnerability. This vulnerability can be exploited by remote
==============================
XSS - Glassfish Web Admin Interface (Sun Java System Application
Server 9.1_01 (build b09d-fcs) )
==============================
Author: Eduardo Neves a.k.a _eth0_
Date: 10 june 2008
Site: http://webappsecurity.wordpress.com
- - Vendor: SAP
- - Affected Components:
* SAP Web Application Server 7.00 Patch Number 95
( Check note 1536640 for detailed information on affected releases)
- - Vulnerability Class: Cross-Site Scripting (XSS)
- - Remotely Exploitable: Yes
Digital Security Research Group [DSecRG] Advisory #DSECRG-08-023
Application: SAP Web Application Server
Versions Affected: Version 7.0
Vendor URL: http://SAP.com
Bugs: XSS
Exploits: YES
Reported: 25.01.2008