HTTP: WebSphere Application Server Buffer Overflow

This signature detects attempts to exploit a known vulnerability in IBM WebSphere Application Server. The WebSphere server does not properly validate user input during the application authentication process. Attackers can provide malicious input to terminate the server process, or to inject and execute arbitrary code on the target.

Extended Description

The IBM WebSphere Application Server Administrative Console is prone to a buffer overflow vulnerability. The issue is due to a failure in the application's authentication mechanism. An attacker may exploit this issue to execute arbitrary code with the privileges of the server process, which may facilitate privilege escalation. Note that this vulnerability cannot be exploited if the 'global security option' is disabled.

Affected Products

IBM websphere_application_server

Short Name: HTTP:WEBSPHERE:SERVER-OF
Severity: Major
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: Application Buffer CVE-2005-1872 Overflow Server WebSphere bid:13853
Release Date: 06/15/2005
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version: 3724
False Positive: Unknown
Vendors

IBM

CVSS Score

7.5
