The IBM WebSphere Application Server running on the remote host is version 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.13, 8.5 prior to 8.5.5.10, 9.0 prior to 9.0.0.1, or 16.0 (Liberty) prior to 16.0.0.3.
It is, therefore, affected by an information disclosure vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker can exploit this to cause a buffer overflow condition, resulting in the disclosure of sensitive information.

遠端主機上執行的 IBM WebSphere Application Server 版本為 7.0 的 7.0.0.43 之前版本、8.0 的 8.0.0.13 之前版本、8.5 的 8.5.5.10 之前版本、9.0 的 9.0.0.1 之前版本，或是 16.0 (Liberty) 版的 16.0.0.3 之前版本。
因此，會受到一個資訊洩漏弱點影響，這是因為不當清理使用者提供的輸入所導致。經驗證的遠端攻擊者可惡意利用此弱點，造成緩衝區溢位情形，進而導致敏感資訊洩漏。

リモートホストで実行中のIBM WebSphere Application Serverのバージョンは、7.0.0.43より前の7.0、8.0.0.13より前の8.0、8.5.5.10より前の8.5、9.0.0.1より前の9.0、または16.0.0.3より前の16.0（Liberty）です。
このため、ユーザー指定の入力を不適切に検証しているため、情報漏洩の脆弱性の影響を受けます。認証されたリモートの攻撃者がこれを悪用し、バッファオーバーフロー状態を引き起こして、秘密情報が漏えいする可能性があります。

远程主机上运行的 IBM WebSphere Application Server 版本为低于 7.0.0.43 的 7.0、低于 8.0.0.13 的 8.0、低于 8.5.5.10 的 8.5、低于 9.0.0.1 的 9.0 或低于 16.0.0.3 的 16.0 (Liberty)。
因此，该服务器受到信息泄露漏洞的影响，这是未正确验证用户提供的输入所致。经过身份验证的远程攻击者可利用此漏洞造成缓冲区溢出情况，从而导致敏感信息泄露。

The remote host appears to be running IBM WebSphere Application Server 7.0 prior to 7.0.0.41.  Such versions are potentially affected by multiple issues :

 - A flaw exists allowing a reflected cross-site scripting (XSS) vulnerability due to a failure to properly validate output from the OAuth provider before returning it to users.  An authenticated, remote attacker can exploit this, via a specially crafted URL, to execute arbitrary script code in a user's browser session within the security context of the hosting website. (CVE-2015-7417)
 - A flaw exists in the FIPS140-2 implementation that is related to an improper TLS configuration.  This may allow an attacker with the ability to intercept network traffic (e.g. MitM, DNS cache poisoning) to disclose transmitted data. (CVE-2016-0306)
 - A flaw exists that is due to the program improperly setting the CSRFtoken cookie.  This may allow an authenticated remote attacker to gain access to potentially sensitive information. (CVE-2016-0377)
 - An overflow condition exists that is triggered as certain input is not properly validated.  This may allow an authenticated remote attacker to cause a buffer overflow, potentially allowing them to bypass security restrictions and disclose sensitive information. (CVE-2016-0385)

The remote host appears to be running IBM WebSphere Application Server 8.0 prior to 8.0.0.12.  Such versions are potentially affected by multiple issues :

 - A flaw exists that is triggered as CRLF (Carriage Return and Line Feed) character sequences are not properly sanitized before being included in HTTP responses.  This allows a remote attacker to inject additional headers into responses to conduct HTTP response splitting attacks.
 - An unspecified flaw exists in the edge component caching proxy that could cause weaker than intended encryption, which may potentially allow an authenticated remote attacker to more easily decrypt information.
 - A flaw exists allowing a reflected cross-site scripting (XSS) vulnerability due to a failure to properly validate output from the OAuth provider before returning it to users.  An authenticated, remote attacker can exploit this, via a specially crafted URL, to execute arbitrary script code in a user's browser session within the security context of the hosting website.
 - A flaw exists that is triggered when handling a connect call that is interrupted.  This may allow a remote attacker to crash the plug-in component and cause a partial denial of service.
 - An overflow condition exists that is triggered as certain input is not properly validated.  This may allow an authenticated remote attacker to cause a buffer overflow, potentially allowing them to bypass security restrictions and disclose sensitive information.

The remote host appears to be running IBM WebSphere Application Server 8.5 prior to 8.5.5.10.  Such versions are potentially affected by multiple issues :

 - A flaw exists that is triggered as CRLF (Carriage Return and Line Feed) character sequences are not properly sanitized before being included in HTTP responses.  This allows a remote attacker to inject additional headers into responses to conduct HTTP response splitting attacks.
 - A flaw exists that is triggered during the handling of specially crafted SIP messages.  This may allow a remote attacker to cause a denial of service.
 - A flaw exists that is due to the program improperly setting the CSRFtoken cookie.  This may allow an authenticated remote attacker to gain access to potentially sensitive information.
 - An overflow condition exists that is triggered as certain input is not properly validated.  This may allow an authenticated remote attacker to cause a buffer overflow, potentially allowing them to bypass security restrictions and disclose sensitive information.
 - A flaw exists that is due to the program setting insecure unspecified flags on CSRF token cookies, which may allow an attacker to have an unspecified impact.  No further details have been provided by the vendor.  Based on past disclosures from IBM, this is likely the 'secure' and/or 'HttpOnly' flag.

Versions of IBM DB2 10.5 prior to Fix Pack 8 and 11.x prior to 11.1 are potentially affected by multiple vulnerabilities :

 - An unspecified flaw exists that may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor.
 - An unspecified flaw exists that may allow a local attacker to gain access to arbitrary memory locations. No further details have been provided by the vendor.
 - An unspecified flaw exists that is triggered when dereferencing user pointers. This may allow a local attacker to crash the file system.
 - A flaw exists in the 'DTDScanner::scanChildren()' function in 'validators/DTD/DTDScanner.cpp' that is triggered when handling user requests. With a specially crafted request, a context-dependent attacker can cause the application linked against the library to exhaust resources causing it to stop responding or crash.
 - A flaw exists that is triggered when a local attacker sets environment variables that are processed by setuid programs. This may allow the attacker to execute commands with root privileges.
 - A flaw exists that is triggered when a local attacker supplies command line parameters to setuid programs. This may allow the attacker to execute commands with root privileges.
 - An overflow condition exists that is triggered as certain input is not properly validated. This may allow an authenticated remote attacker to cause a buffer overflow, potentially allowing them to bypass security restrictions and disclose sensitive information.
 - A flaw exists that is due to the program insecurely loading binaries planted in a location that a SETGID or SETUID binary would execute. This may allow a local attacker to gain elevated, root privileges.
 - A flaw exists in the 'SQLNP_SCOPE_TRIAL()' function that is triggered during the handling of SQL statements. This may allow an authenticated attacker to crash the database.
 - Multiple flaws exist in the Query Compiler QGM that is triggered when handling specific queries. With a specially crafted query, an authenticated attacker can cause the database to crash.

The remote host appears to be running IBM WebSphere Application Server 9.0 prior to 9.0.0.1.  Such versions are potentially affected by multiple issues :

 - A flaw exists that is triggered during the handling of specially crafted SIP messages.  This may allow a remote attacker to cause a denial of service.
 - An overflow condition exists that is triggered as certain input is not properly validated.  This may allow an authenticated remote attacker to cause a buffer overflow, potentially allowing them to bypass security restrictions and disclose sensitive information.
 - A flaw exists that is due to the program setting insecure unspecified flags on CSRF token cookies, which may allow an attacker to have an unspecified impact.  No further details have been provided by the vendor.  Based on past disclosures from IBM, this is likely the 'secure' and/or 'HttpOnly' flag.

ID	名稱	產品	系列	已發布	已更新	嚴重性
94582	IBM WebSphere Application Server 7.0 < 7.0.0.43 / 8.0 < 8.0.0.13 / 8.5 < 8.5.5.10 / 9.0 < 9.0.0.1 / Liberty 16.0 < 16.0.0.3 Information Disclosure	Nessus	Web Servers	2016/11/7	2018/8/6	low
94582	IBM WebSphere Application Server 7.0 < 7.0.0.43 / 8.0 < 8.0.0.13 / 8.5 < 8.5.5.10 / 9.0 < 9.0.0.1 / Liberty 16.0 < 16.0.0.3 資訊洩漏	Nessus	Web Servers	2016/11/7	2018/8/6	low
94582	IBM WebSphere Application Server 7.0 < 7.0.0.43/8.0 < 8.0.0.13/8.5 < 8.5.5.10/9.0 < 9.0.0.1/Liberty 16.0 < 16.0.0.3 の情報漏洩	Nessus	Web Servers	2016/11/7	2018/8/6	low
94582	IBM WebSphere Application Server 7.0 < 7.0.0.43 / 8.0 < 8.0.0.13 / 8.5 < 8.5.5.10 / 9.0 < 9.0.0.1 / Liberty 16.0 < 16.0.0.3 信息泄露	Nessus	Web Servers	2016/11/7	2018/8/6	low
9701	IBM WebSphere Application Server 7.0 < 7.0.0.41 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	2016/10/26	2019/3/6	low
9714	IBM WebSphere Application Server 8.0 < 8.0.0.12 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	2016/10/26	2019/3/6	low
9720	IBM WebSphere Application Server 8.5 < 8.5.5.10 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	2016/10/26	2019/3/6	medium
9590	IBM DB2 10.5 < Fix Pack 8 / 11.x < 11.1 Multiple Vulnerabilities	Nessus Network Monitor	Database	2016/9/30	2019/3/6	critical
9722	IBM WebSphere Application Server 9.0 < 9.0.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	2016/10/26	2019/3/6	medium

偵測

搜尋 Plugin

low

low

low

low

low

low

medium

critical

medium