IBM WebSphere Application Server SIP Logging Information Disclosure Vulnerability
BID:39701
Info
| Bugtraq ID: | 39701 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 22 2010 12:00AM |
| Updated: | Apr 22 2010 12:00AM |
| Credit: | IBM |
| Vulnerable: |
IBM Websphere Application Server 7.0 3
IBM Websphere Application Server 7.0 .9
IBM Websphere Application Server 7.0 .8
IBM Websphere Application Server 6.1.2
IBM Websphere Application Server 6.1 .9
IBM Websphere Application Server 6.1 .8
IBM Websphere Application Server 6.1 .7
IBM Websphere Application Server 6.1 .6
IBM Websphere Application Server 6.1 .5
IBM Websphere Application Server 6.1 .4
IBM Websphere Application Server 6.1 .3
IBM Websphere Application Server 6.1 .25
IBM Websphere Application Server 6.1 .23
IBM Websphere Application Server 6.1 .22
IBM Websphere Application Server 6.1 .21
IBM Websphere Application Server 6.1 .20
IBM Websphere Application Server 6.1 .2
IBM Websphere Application Server 6.1 .19
IBM Websphere Application Server 6.1 .18
IBM Websphere Application Server 6.1 .17
IBM Websphere Application Server 6.1 .15
IBM Websphere Application Server 6.1 .14
IBM Websphere Application Server 6.1 .13
IBM Websphere Application Server 6.1 .12
IBM Websphere Application Server 6.1 .11
IBM Websphere Application Server 6.1 .10
IBM Websphere Application Server 6.1 .1
IBM Websphere Application Server 6.1
IBM Websphere Application Server 6.0.2 .9
IBM Websphere Application Server 6.0.2 .7
IBM Websphere Application Server 6.0.2 .5
IBM Websphere Application Server 6.0.2 .39
IBM Websphere Application Server 6.0.2 .35
IBM Websphere Application Server 6.0.2 .33
IBM Websphere Application Server 6.0.2 .31
IBM Websphere Application Server 6.0.2 .3
IBM Websphere Application Server 6.0.2 .29
IBM Websphere Application Server 6.0.2 .27
IBM Websphere Application Server 6.0.2 .25
IBM Websphere Application Server 6.0.2 .24
IBM Websphere Application Server 6.0.2 .23
IBM Websphere Application Server 6.0.2 .22
IBM Websphere Application Server 6.0.2 .21
IBM Websphere Application Server 6.0.2 .17
IBM Websphere Application Server 6.0.2 .15
IBM Websphere Application Server 6.0.2 .13
IBM Websphere Application Server 6.0.2 .11
IBM Websphere Application Server 6.0.2 .1
IBM Websphere Application Server 6.0.2
IBM Websphere Application Server 6.0.1
IBM Websphere Application Server 6.0 .7
IBM Websphere Application Server 6.0
IBM Websphere Application Server 7.0.0.7
IBM Websphere Application Server 7.0.0.5
IBM Websphere Application Server 7.0.0.1
IBM Websphere Application Server 7.0
IBM Websphere Application Server 6.2
IBM Websphere Application Server 6.1.0.29
IBM Websphere Application Server 6.1.0.27
IBM Websphere Application Server 6.0.2.19
IBM Websphere Application Server 6.0.2 Fix Pack 17 |
| Not Vulnerable: |
IBM Websphere Application Server 7.0 .11
IBM Websphere Application Server 6.1.0.31 |
Discussion
IBM WebSphere Application Server (WAS) is prone to an information-disclosure vulnerability.
A local authenticated attacker can exploit this issue to gain access to sensitive information; this may aid in further attacks.
Versions prior to WAS 7.0.0.11 and 6.1.0.31 are vulnerable.
Exploit / POC
Local attackers can exploit this issue with readily available tools.
Solution / Fix
Solution:
Updates are available. Please see the references for details.
References
References: