IBM WebSphere Application Server for z/OS Multiple Security Vulnerabilities

IBM WebSphere Application Server for z/OS is prone to the following security vulnerabilities:

1. A session-hijacking vulnerability.

2. A directory traversal vulnerability.

3. A security-bypass vulnerability.

Exploiting these issues will allow an attacker to hijack a victim's session, overwrite arbitrary local files within the context of the web server and bypass certain security restrictions. Information harvested may aid in launching further attacks.

IBM WebSphere Application Server 6.1, 7, 8 and 8.5 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus