IBM WebSphere Service Registry and Repository Authentication Bypass

IBM has released a fix for an authentication bypass vulnerability in its WebSphere Service Registry and Repository software. WSRR version 7.0 is vulnerable. Version 7.0 Fix Pack 1 includes the fix and is not vulnerable. Exploit code is available.

References:
http://xforce.iss.net/xforce/xfdb/63640
http://www-01.ibm.com/support/docview.wss?rs=3074&context=SW9Z0&dc=D400&uid=swg24026132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2644

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity
Twitter: twitter.com/patchmanagement

Share

Leave a Reply