CVE-2006-4136
https://notcve.org/view.php?id=CVE-2006-4136
Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others. Múltiples vulnerabilidades no especificadas en IBM WebSphere Application Server anterior a 6.1.0.1 tienen impacto no especificado y vectores de ataque relacionados con (1) "peticiones y respuestas SOAP", (2) mbean, (2) ThreadIdentitySupport, y posiblemente otros. • http://secunia.com/advisories/21440 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www-1.ibm.com/support/search.wss?rs=0&q=PK24334&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=PK25199&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=PK26498&apar=only http://www.securityfocus.com/bid/19463 http://www.vupen.com/english/advisories/2006/3262 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVE-2006-4137
https://notcve.org/view.php?id=CVE-2006-4137
IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces. IBM WebSphere Application Server anteior a 6.1.0.1 permite a atacantes obtener información sensible mediante vectores no especificados relacionados con (1) el archivo de registro (log), (2) "sintaxis generada por secuencia de comandos en la línea de comandos wsadmin", y (3) trazas. • http://secunia.com/advisories/21440 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www-1.ibm.com/support/search.wss?rs=0&q=PK27547&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=PK27857&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=PK28408&apar=only http://www.securityfocus.com/bid/19463 http://www.vupen.com/english/advisories/2006/3262 •