CVE-2006-4137
IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces.
| Software | From | Fixed in |
|---|---|---|
| ibm / websphere_application_server | 6.0.2.1 | 6.0.2.1.x |
| ibm / websphere_application_server | 6.0.2.5 | 6.0.2.5.x |
| ibm / websphere_application_server | 6.0.0.3 | 6.0.0.3.x |
| ibm / websphere_application_server | 6.0.2.9 | 6.0.2.9.x |
| ibm / websphere_application_server | 6.0.2.6 | 6.0.2.6.x |
| ibm / websphere_application_server | 6.0.2.2 | 6.0.2.2.x |
| ibm / websphere_application_server | 6.0.2 | 6.0.2.x |
| ibm / websphere_application_server | 6.0.2.4 | 6.0.2.4.x |
| ibm / websphere_application_server | 6.0.1.2 | 6.0.1.2.x |
| ibm / websphere_application_server | 6.0.0.1 | 6.0.0.1.x |
| ibm / websphere_application_server | 6.1.0.0 | 6.1.0.0.x |
| ibm / websphere_application_server | 6.0.1 | 6.0.1.x |
| ibm / websphere_application_server | 6.0.2.7 | 6.0.2.7.x |
| ibm / websphere_application_server | 6.0.0.2 | 6.0.0.2.x |
| ibm / websphere_application_server | 6.0 | 6.0.x |
| ibm / websphere_application_server | 6.0.2.3 | 6.0.2.3.x |
- http://secunia.com/advisories/21440
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK27547&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK27857&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK28408&apar=only
- http://www.securityfocus.com/bid/19463
- http://www.vupen.com/english/advisories/2006/3262
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime