OSVDB ID: 25373

Title: IBM WebSphere Application Server (WAS) HTTP Request Handlers Unspecified Exposure

Info

Disclosure

Apr 14, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

IBM WebSphere Application Server contains a flaw related to its HTTP Request handlers that may allow an unspecified 'security/integrity exposure'. No further details have been provided.

Classification

Location: Remote / Network Access
Attack Type: Attack Type Unknown
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 6.0.2.9 or higher, as it has been reported to fix this vulnerability. In addition, IBM has released a patch (Fix Pack 9) for some older versions.

Products

International Business Machines Corporation	WebSphere Application Server	5.0.2
		5.1.1
		6.0.2

References

Secunia Advisory ID: 20032
CVE ID: 2006-2429 (see also: NVD)
SCIP VulDB ID: 2208
Related OSVDB ID: 25369 25370 25371 25372 25374
VUPEN Advisory: ADV-2006-1736
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
Vendor Specific News/Changelog Entry: http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006879
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006881
Keyword: PK12323,PK12319

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/25373

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

International Business Machines Corporation

WebSphere Application Server

References

Credit