Re: IBM AS/400 HTTP Server '/' attack

From: Thomas Reinke (reinke@e-softinc.com)
Date: Wed Nov 21 2001 - 13:49:42 PST

Next message: Pedro Quintanilha: "CITRIX & Microsoft Windows Terminal Services False IP Address Vulnerability"

Previous message: Luciano Miguel Ferreira Rocha: "Re: SuSE 7.3 : Kernel 2.4.10-4GB Bug"
In reply to: Chris Best: "RE: IBM AS/400 HTTP Server '/' attack"
Next in thread: Felix Huber: "Re: IBM AS/400 HTTP Server '/' attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

According to a source from IBM,

   1. It is the WebSphere version 3.5.4 of the File Serving Servlet 
      that is vulnerable, not the web server.

   2. A fix is to be available in fixpack 5 due at end of November.

Thomas


> I can confirm that a server reporting 'IBM-HTTP-Server/1.0' _IS_ vulrable
> to this. I do not know if updates increment that number or not...
 
------------------------------------------------------------
Thomas Reinke                            Tel: (905) 331-2260
Director of Technology                   Fax: (905) 331-2504
E-Soft Inc.                         http://www.e-softinc.com
Publishers of SecuritySpace     http://www.securityspace.com

Next message: Pedro Quintanilha: "CITRIX & Microsoft Windows Terminal Services False IP Address Vulnerability"
Previous message: Luciano Miguel Ferreira Rocha: "Re: SuSE 7.3 : Kernel 2.4.10-4GB Bug"
In reply to: Chris Best: "RE: IBM AS/400 HTTP Server '/' attack"
Next in thread: Felix Huber: "Re: IBM AS/400 HTTP Server '/' attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Nov 21 2001 - 17:58:35 PST