----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)  

If not, then implement it through the most reliable vulnerability
intelligence source on the market. 

Implement it through Secunia. 

For more information visit:
http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com

----------------------------------------------------------------------

TITLE:
IBM FileNet Content Manager WSEAF Vulnerability

SECUNIA ADVISORY ID:
SA35347

VERIFY ADVISORY:
http://secunia.com/advisories/35347/

DESCRIPTION:
A vulnerability has been reported in IBM FileNet Content Manager,
which can potentially be exploited by malicious people to bypass
certain security restrictions.

The vulnerability is caused due to an unspecified error in the
handling of cached credentials, which can potentially be exploited to
assume the identity of an authenticated user.

Successful exploitation requires that the CE Web Services listener is
configured to use the Extensible Authentication Framework (WSEAF) and
the WSEAF configuration is making use of SOAP Security elements other
than UsernameToken or BinarySecurityToken.

The vulnerability affects P8 Content Engine 4.0.x and 4.5.0 for
WebLogic Application Server and WebSphere Application Server.

SOLUTION:
-- WebLogic Application Server --
 P8 CE 4.0.0:
Update to P8 CE 4.0.1 and apply the appropriate Fix Pack.

P8 CE 4.0.1:
The vulnerability will be addressed in P8 CE 4.0.1 Fix Pack 10
(scheduled for release in June 2009).

P8 CE 4.5.0:
Update to P8 CE 4.5.1. The vulnerability will be addressed in P8 CE
4.5.1 GA (scheduled for release in August 2009).

-- WebSphere Application Server --

P8 CE 4.0.0:
Upgrade to P8 CE 4.0.1 and apply the appropriate Fix Pack.

P8 CE 4.0.1:
The vulnerability is fixed in P8 CE 4.0.1 Fix Pack 8 (released in
February 2009).

P8 CE 4.5.0:
The vulnerability is fixed in P8 CE 4.5.0 Fix Pack 2 (released in May
2009).

Reportedly, an immediate test fix can also be requested if the above
resolutions cannot be applied for any reason. Please contact the IBM
Support to request a test fix or to obtain information regarding
mitigation strategies.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
IBM:
http://www-01.ibm.com/support/docview.wss?uid=swg21389281

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------