Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2432

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2432
Last Modified 07 Mar 2011 09:36:12
Published 17 May 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2432

Summary

IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.

Vulnerable Systems

Application

  • Ibm Websphere Application Server 5.0.0

  • Ibm Websphere Application Server 5.0.1

  • Ibm Websphere Application Server 5.0.2

  • Ibm Websphere Application Server 5.1.0

  • Ibm Websphere Application Server 5.1.1


References

AIXAPAR - PK19195

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006881

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006879

SECUNIA - 20032

BUGTRAQ - 20060509 IBM Websphere Application Server Multiple Vulnerabilities

VUPEN - ADV-2006-2552

VUPEN - ADV-2006-1736

OSVDB - 25375

SREASON - 910


Last Updated: 27 May 2016 10:42:28