Interstage Application Server: ディレクトリトラバーサルの脆弱性について(CVE-2008-2938) (2010年10月18日)
1. 脆弱性の説明
Servletサービスにおいて、ディレクトリトラバーサルの脆弱性が確認されました。
Interstageについては以下のページを参照してください。
http://www.fujitsu.com/jp/products/software/middleware/business-middleware/interstage/
富士通は、3.に示すセキュリティパッチを提供していますので、早急に適用する様にお願いします。
2. 脆弱性のもたらす脅威
遠隔の攻撃者による、以下の脅威があります。
- Webアプリケーション配下のアクセス制限をつけて保護しているコンテンツまたは内部情報を取得される可能性があります。
- Webアプリケーションの配備ディレクトリを遡って、システムファイルを取得される可能性があります。
本脆弱性の深刻度に関しては、「4. 関連情報」に記載のJVN iPediaおよびIPAの公開情報内にある、JVN iPedia「CVSSによる深刻度」を参照願います。
3. 該当システム・対策情報
3-1.該当システム
GP7000F, PRIMEPOWER, GP-S, SPARC Enterprise, PRIMERGY, GP5000, CELSIUS, FMVシリーズ, AT互換機, PRIMEQUEST
3-2.該当製品・対策Patch
・Interstage Application Framework Suite
・Interstage Application Server
・Interstage Apworks/Studio
・Interstage Business Application Server
・Interstage Job Workload Server
・Interstage Web Server
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Application Framework Suite Enterprise Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Framework Suite Enterprise Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Framework Suite Enterprise Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Framework Suite Enterprise Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Framework Suite Standard Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Framework Suite Standard Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Framework Suite Standard Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Framework Suite Standard Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Application Framework Suite Standard Edition 7.0.2 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Framework Suite Web Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Framework Suite Web Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Framework Suite Web Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Framework Suite Web Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Application Framework Suite Web Edition 7.0.2 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Framework Suite Enterprise Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Enterprise Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Enterprise Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Standard Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Standard Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Standard Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Standard Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Framework Suite Standard Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Framework Suite Web Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Web Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Web Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Web Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Framework Suite Web Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Framework Suite Web Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Framework Suite Enterprise Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Framework Suite Standard Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Framework Suite Standard Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
Interstage Application Framework Suite Standard Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
Interstage Application Framework Suite Web Edition V6.0L10 | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVjs4 | T00274-09 |
Interstage Application Framework Suite Web Edition V6.0L11 | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Framework Suite Web Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
Interstage Application Framework Suite Web Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Application Server Enterprise Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Server Enterprise Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Server Enterprise Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Server Enterprise Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Application Server Enterprise Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
Interstage Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Application Server Enterprise Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
Interstage Application Server Enterprise Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Application Server Enterprise Edition V9.0.0 | Solaris 9, 10 | FJSVjs5 | T001575SP-03 |
Interstage Application Server Enterprise Edition V9.0.0 | Solaris 9, 10 | FJSVjs4 | T001582SP-02 |
Interstage Application Server Enterprise Edition V9.1.0 | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Application Server Enterprise Edition V9.1.0A | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Application Server Enterprise Edition V9.1.0A | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Application Server Enterprise Edition V9.1.0B | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Application Server Enterprise Edition V9.1.0B | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Application Server Standard Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Server Standard Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Server Standard Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Server Standard Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Application Server Standard Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Server Standard-J Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000573SP-12 |
Interstage Application Server Standard-J Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Application Server Standard-J Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000573SP-12 |
Interstage Application Server Standard-J Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Application Server Standard-J Edition V9.0.0 | Solaris 9, 10 | FJSVjs5 | T001575SP-03 |
Interstage Application Server Standard-J Edition V9.0.0 | Solaris 9, 10 | FJSVjs4 | T001582SP-02 |
Interstage Application Server Standard-J Edition V9.1.0 | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Application Server Standard-J Edition V9.1.0A | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Application Server Standard-J Edition V9.1.0A | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Application Server Standard-J Edition V9.1.0B | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Application Server Standard-J Edition V9.1.0B | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Application Server Plus 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Server Plus 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Server Plus 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Server Plus 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Application Server Plus 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Server Web-J Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
Interstage Application Server Web-J Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
Interstage Application Server Web-J Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
Interstage Application Server Web-J Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Application Server Web-J Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
Interstage Application Server Web-J Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12 |
Interstage Application Server Web-J Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000574SP-12 |
Interstage Application Server Enterprise Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Enterprise Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Enterprise Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Enterprise Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Enterprise Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Enterprise Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
Interstage Application Server Enterprise Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Application Server Enterprise Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
Interstage Application Server Enterprise Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Application Server Enterprise Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
Interstage Application Server Enterprise Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T001574WP-03 |
Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T001581WP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs5 | T003389WP-02 |
Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs4 | T003524WP-01 |
Interstage Application Server Enterprise Edition V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs5 | T003389WP-02 |
Interstage Application Server Enterprise Edition V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs4 | T003524WP-01 |
Interstage Application Server Standard Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Standard Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Standard Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Standard Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Standard Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Standard-J Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000686WP-06 |
Interstage Application Server Standard-J Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Application Server Standard-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000686WP-06 |
Interstage Application Server Standard-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Application Server Standard-J Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000686WP-06 |
Interstage Application Server Standard-J Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T001574WP-03 |
Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T001581WP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs5 | T003389WP-02 |
Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs4 | T003524WP-01 |
Interstage Application Server Standard-J Edition V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs5 | T003389WP-02 |
Interstage Application Server Standard-J Edition V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs4 | T003524WP-01 |
Interstage Application Server Plus V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Plus V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Plus V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Plus V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Plus V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Plus V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Plus Developer V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
Interstage Application Server Plus Developer V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
Interstage Application Server Web-J Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Web-J Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Web-J Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Web-J Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
Interstage Application Server Web-J Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Web-J Edition V7.0L10A | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Web-J Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
Interstage Application Server Web-J Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06 |
Interstage Application Server Web-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06 |
Interstage Application Server Web-J Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06 |
Interstage Application Server Enterprise Edition 8.0.0 | Windows Server 2003(IPF) | F3FMjs4 | - |
Interstage Application Server Enterprise Edition 8.0.3 | Windows Server 2003(IPF) | F3FMjs4 | - |
Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs5 | T001580IP-02 |
Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs4 | T001585IP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2003(IPF)/ Windows Server 2008(IPF) | F3FMjs5 | T003523IP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2003(IPF)/ Windows Server 2008(IPF) | F3FMjs4 | T003528IP-01 |
Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs5 | T001580IP-02 |
Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs4 | T001585IP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2003(IPF)/ Windows Server 2008(IPF) | F3FMjs5 | T003523IP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2003(IPF)/ Windows Server 2008(IPF) | F3FMjs4 | T003528IP-01 |
Interstage Application Server Enterprise Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Server Enterprise Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Enterprise Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Enterprise Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000682LP-08 |
Interstage Application Server Enterprise Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
Interstage Application Server Enterprise Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000682LP-08 |
Interstage Application Server Enterprise Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001576LP-03 |
Interstage Application Server Enterprise Edition V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001577LP-03 |
Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001583LP-01 |
Interstage Application Server Enterprise Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001284LP-03 |
Interstage Application Server Enterprise Edition V9.0.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
Interstage Application Server Enterprise Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001586LP-01 |
Interstage Application Server Enterprise Edition V9.0.1B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
Interstage Application Server Enterprise Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
Interstage Application Server Enterprise Edition V9.1.0B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
Interstage Application Server Enterprise Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
Interstage Application Server Standard Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Server Standard Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Standard Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Standard-J Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000683LP-08 |
Interstage Application Server Standard-J Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
Interstage Application Server Standard-J Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000683LP-08 |
Interstage Application Server Standard-J Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001576LP-03 |
Interstage Application Server Standard-J Edition V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001577LP-03 |
Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001583LP-01 |
Interstage Application Server Standard-J Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001284LP-03 |
Interstage Application Server Standard-J Edition V9.0.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
Interstage Application Server Standard-J Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001586LP-01 |
Interstage Application Server Standard-J Edition V9.0.1B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
Interstage Application Server Standard-J Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
Interstage Application Server Standard-J Edition V9.1.0B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
Interstage Application Server Standard-J Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
Interstage Application Server Plus V6.0L10 | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVjs4 | T00274-09 |
Interstage Application Server Plus V6.0L11 | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Server Plus V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Plus V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Web-J Edition V6.0L10 | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVjs4 | T00274-09 |
Interstage Application Server Web-J Edition V6.0L11 | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
Interstage Application Server Web-J Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Web-J Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
Interstage Application Server Web-J Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08 |
Interstage Application Server Web-J Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08 |
Interstage Application Server Enterprise Edition V7.0L10 | RHEL-AS4(IPF) | FJSVjs4 | T001343QP-03 |
Interstage Application Server Enterprise Edition 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
Interstage Application Server Enterprise Edition 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
Interstage Application Server Enterprise Edition 8.0.3 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs5 | T001578QP-02 |
Interstage Application Server Enterprise Edition V9.0.0 | RHEL5(IPF) | FJSVjs5 | T001579QP-02 |
Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T001584QP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs5 | T003521QP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | RHEL5(IPF) | FJSVjs5 | T003522QP-01 |
Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs4 | T003527QP-01 |
Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs5 | T001578QP-02 |
Interstage Application Server Standard-J Edition V9.0.0 | RHEL5(IPF) | FJSVjs5 | T001579QP-02 |
Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T001584QP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs5 | T003521QP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | RHEL5(IPF) | FJSVjs5 | T003522QP-01 |
Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs4 | T003527QP-01 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Apworks Enterprise Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Enterprise Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Enterprise Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Enterprise Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
Interstage Apworks Enterprise Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | T000685WP-06 |
Interstage Apworks Enterprise Edition 8.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | T000685WP-06 |
Interstage Apworks Standard Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Standard Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Standard Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
Interstage Apworks Standard-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | T000686WP-06 |
Interstage Apworks Modelers-J Edition V6.0L10 | Windows 2000 Server/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Modelers-J Edition V6.0L10A | Windows 2000 Server/ Windows XP | F3FMjs4 | TK00543 |
Interstage Apworks Modelers-J Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
Interstage Studio Enterprise Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio Enterprise Edition V9.0.0A | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio Enterprise Edition V9.0.1 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio Enterprise Edition V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
Interstage Studio Enterprise Edition V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
Interstage Studio Standard-J Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio Standard-J Edition V9.0.0A | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio Standard-J Edition V9.0.1 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio Standard-J Edition V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
Interstage Studio Standard-J Edition V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
Interstage Studio with UML Modeling Tool V9.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
Interstage Studio with UML Modeling Tool V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
Interstage Studio with UML Modeling Tool V9.1.0B | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Business Application Server Enterprise Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Business Application Server Enterprise Edition 7.0.1 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
Interstage Business Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
Interstage Business Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Business Application Server Enterprise Edition 8.0.1 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
Interstage Business Application Server Enterprise Edition 8.0.1 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Business Application Server Standard Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
Interstage Business Application Server Standard Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
Interstage Business Application Server Standard Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
Interstage Business Application Server Standard Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Business Application Server Standard Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
Interstage Business Application Server Standard Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
Interstage Business Application Server Standard Edition 8.0.0 | RHEL-AS4(x86) | FJSVjs4 | T000682LP-08 |
Interstage Business Application Server Standard Edition 8.0.0 | RHEL-AS4(x86) | FJSVjs4 | T000684LP-08(*1) |
Interstage Business Application Server Enterprise Edition 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
Interstage Business Application Server Enterprise Edition 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
Interstage Business Application Server Standard Edition 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
Interstage Business Application Server Standard Edition 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Job Workload Server 8.1.1 | Solaris 10 | FJSVjs4 | T000572SP-12 |
Interstage Job Workload Server 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
Interstage Job Workload Server 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
Interstage Job Workload Server 8.1.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
Interstage Job Workload Server 8.1.1 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Web Server V9.0.0 | Solaris 9, 10 | FJSVjs5 | T001575SP-03 |
Interstage Web Server V9.0.0 | Solaris 9, 10 | FJSVjs4 | T001582SP-02 |
Interstage Web Server V9.1.0 | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Web Server V9.1.0 | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Web Server V9.1.0A | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
Interstage Web Server V9.1.0A | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
Interstage Web Server V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T001574WP-03 |
Interstage Web Server V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T001581WP-01 |
Interstage Web Server V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs5 | T003389WP-02 |
Interstage Web Server V9.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows Server 2008 | F3FMjs4 | T003524WP-01 |
Interstage Web Server V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001576LP-03 |
Interstage Web Server V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001577LP-03 |
Interstage Web Server V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001583LP-01 |
Interstage Web Server V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001284LP-03 |
Interstage Web Server V9.0.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
Interstage Web Server V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001586LP-01 |
Interstage Web Server V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
Interstage Web Server V9.1.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
Interstage Web Server V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
Patch IDの表記のみ、あるいはIDの記載のない製品に関しては、当社サポートセンターにお問い合わせください。
(*1) Web Packageをご利用の場合に適用して頂くパッチです。
参考: 該当製品の確認方法
該当製品の確認方法は製品およびVLによって異なります。
- V6系の場合
- Solaris版の場合
FJSVisasパッケージのパッケージ情報を確認します。
pkginfo -l FJSVisas - Windows版の場合
[ソフトウェア説明書]の表題を確認します。
[スタートボタン]
→[プログラム]
→[Interstage]
→[Application Server | Application Framework Suite | Apworks]
→[ソフトウェア説明書] - Linux版の場合
FJSVisasパッケージのパッケージ情報を確認します。
rpm -q FJSVisas
- Solaris版の場合
- V7系以降の場合
isprintvlコマンドで確認します。
isprintvl
3-3. 回避方法
ありません。
4. 関連情報
本問題は、以下のApache Tomcatの脆弱性に該当します。
- JVNDB-2008-001611: Apache Tomcat におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001611.html - CVE-2008-2938: Tomcat directory traversal vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
5. 改版履歴
- 2010年10月18日 新規掲載