IBM WebSphere Exported XML Password Encoding Weakness

Bugtraq ID:	6758
Class:	Design Error
CVE:
Remote:	No
Local:	Yes
Published:	Feb 03 2003 12:00AM
Updated:	Feb 03 2003 12:00AM
Credit:	Discovery of this issue is credited to "Jan P. Monsch" <jan.monsch@csnc.ch>.
Vulnerable:	IBM WebSphere Application Server Enterprise Edition 4.0 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM WebSphere Application Server Advanced Edition 4.0.4 IBM WebSphere Application Server Advanced Edition 3.0 .2.1 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 4.0.3 IBM Websphere Application Server 3.5.3 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.5.2 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.5.1 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.5 IBM Websphere Application Server 3.0.2 .1 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0.2 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0 .2.4 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0 .2.3 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0 .2.2 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Sun Solaris 8_sparc IBM Websphere Application Server 3.0 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Novell Netware 5.0 - Sun Solaris 8_sparc IBM Websphere Application Server 2.0 - IBM AIX 4.3 - Linux kernel 2.3 .x - Microsoft Windows NT 4.0 - Novell Netware 5.0 - Sun Solaris 8_sparc

Not Vulnerable: