IBM Websphere Application Server 3.0.2 Server Plugin DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1691/info Large amounts of data ie 1092+ characters in the Host: request header may cause the web server process to fault on signal 11 SIGSEGV or signal 10 SIGBUS. GET /servletsnoop HTTP/1.0 Host:...

WebSphere application server plugin issue & vendor fix

I've had the opportunity to work with IBM WebSphere application server for a few months now and, in the course of playing around with some buffer overrun testing, a potential issue came up. WebSphere uses the HTTP Host: header to decide which WAS Virtual Host will service a particular request...