---------------------------------------------------------------------- Use WSUS to deploy 3rd party patches Public BETA http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server for z/OS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA38909 VERIFY ADVISORY: http://secunia.com/advisories/38909/ DESCRIPTION: IBM has acknowledged multiple vulnerabilities in IBM WebSphere Application Server for z/OS, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions. 1) Some vulnerabilities are caused due to unspecified errors related to the administrative console. No additional information is currently available. 2) A vulnerability in Apache "mod_proxy_ftp" module can be exploited by malicious people to bypass certain security restrictions. For more information: SA36675 SOLUTION: Apply APARs PK96858 and PK97376 or Fix Pack 7.0.0.9 as soon as it becomes available. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PK96858, PK97376): http://www-01.ibm.com/support/docview.wss?uid=swg1PM09161 OTHER REFERENCES: SA36675: http://secunia.com/advisories/36675/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------