Vulnerability CVE-2005-1112 - CERT Civis.Net

Vulnerability Name:

CVE-2005-1112 (CCN-20099)

Assigned:

2005-04-14

Published:

2005-04-14

Updated:

2017-07-11

Summary:

IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the JSP engine.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2005-1112

Source: BUGTRAQ
Type: UNKNOWN
20050413 IBM WebSphere Widespread configuration JSP disclosure

Source: CCN
Type: SA14962
IBM WebSphere Application Server JSP Source Exposure

Source: SECUNIA
Type: Vendor Advisory
14962

Source: CCN
Type: SECTRACK ID: 1013697
IBM WebSphere May Disclose JSP Source to Remote Users Sending Invalid Host Headers

Source: SECTRACK
Type: Vendor Advisory
1013697

Source: CCN
Type: IBM WebSphere Application Server Web page
Application Servers > WebSphere Application Server > WebSphere Application Server

Source: OSVDB
Type: UNKNOWN
15501

Source: CCN
Type: OSVDB ID: 15501
IBM WebSphere Application Server (WAS) Malformed Host: Header JSP Source Disclosure

Source: BID
Type: UNKNOWN
13160

Source: CCN
Type: BID-13160
IBM WebSphere Application Server Web Server Root JSP Source Code Disclosure Vulnerability

Source: XF
Type: UNKNOWN
ibm-websphere-information-disclosure(20099)

Source: XF
Type: UNKNOWN
ibm-websphere-information-disclosure(20099)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.0.2.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:5.1.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*

Denotes that component is vulnerable