IBM WebSphere Application Server iscdeploy Script Insecure Permissions
Synopsis :
The remote application server is susceptible to an insecure file
permission vulnerability.
Description :
The version of IBM WebSphere application server running on the remote
host may be susceptible to an insecure file permission vulnerability.
This vulnerability only affects WebSphere Application Servers running
on the IBM i platform. A local attacker may be able to exploit this
issue to obtain potentially sensitive information or modify files in
certain directories.
See also :
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www-01.ibm.com/support/docview.wss?uid=swg24031675
Solution :
Apply Fix Pack 43 for 6.1 / 21 for 7.0 / 2 for 8.0 or later.
Risk factor :
Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
original thread: only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.nessus.org/plugins/index.php?view=single&id=57826
