BID:2482

IBM Net.Commerce WebSphere Weak Password Vulnerability

Bugtraq ID:	2482
Class:	Origin Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 07 2001 12:00AM
Updated:	Mar 07 2001 12:00AM
Credit:	Reported to bugtraq by rudi carell <[email protected]> on Mon, 5 Feb 2001 and by Rasmus Petersen <[email protected]> on Mar 6, 2001.
Vulnerable:	IBM WebSphere Commerce Suite Service Provider 3.2 IBM WebSphere Commerce Suite MarketPlace 4.1 IBM Net.Commerce 3.2 IBM Net.Commerce 3.1.2 - IBM AIX 4.3.2 - IBM AIX 4.3.1 - IBM AIX 4.2.1 - Microsoft Windows NT 4.0 - Sun Solaris 7.0 - Sun Solaris 2.6 IBM Net.Commerce 3.1.1 IBM Net.Commerce 3.1 - HP HP-UX 11.0 - Microsoft Windows 2000 Professional - Microsoft Windows NT 4.0 - Sun Solaris 2.5.1 - Sun Solaris 8_sparc - Sun Solaris 7.0 - Sun Solaris 2.6

Not Vulnerable:	IBM Websphere Application Server 3.0.2 .1 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0.2 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Novell Netware 5.0 - Sun Solaris 8_sparc IBM Websphere Application Server 2.0 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Novell Netware 5.0 - Sun Solaris 8_sparc