Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:6437
HistoryJul 03, 2004 - 12:00 a.m.

[Full-Disclosure] CYBSEC - Security Advisory: Denial of Service in IBM WebSphere Edge Server

2004-07-0300:00:00
vulners.com
24
JSON

The following advisory is also available in pdf for download at http://www.cybsec.com/vuln/IBM-WebSphere-Edge-Server-DOS.pdf

CYBSEC S.A.
www.cybsec.com

Advisory Name: Denial of Service in WebSphere Edge Server.
Vulnerability Class: Denial of Service
Release Date: June 2nd 2004
Affected Applications:
° WebSphere Edge Components Caching Proxy 5.02 using JunctionRewrite with UseCookiedirective.
Not Affected Applications:
° WebSphere Edge Components Caching Proxy 5.02 NOT using JunctionRewrite with UseCookie directive.
° WebSphere Edge Components Caching Proxy 5.00
Affected Platforms:
° SUSE SLES 8
° SUSE SLES 8 Service Pack 1
° SUSE SLES 8 Service Pack 3
° SUSE SLES 8 Service Pack 3
° Apparently all platforms running WebSphere Edge Server
Local / Remote: Remote
Severity: High
Author: Leandro Meiners.
Vendor Status:
° Fix included in WebSphere Application Server 5.0.3 (to be released)
° Patch available from IBM for clients with Support Level 2 or 3
Reference to Vulnerability Disclosure Policy:
http://www.cybsec.com/vulnerability_policy.pdf

Overview:

WebSphere Edge Component Caching Proxy, part of WebSphere Application Sever, is a reverse proxy designed to reduce bandwidth use and improve a Web site's speed and reliability by providing a point-of-presence node for one or more back-end content servers. It is built to work with content provided by one or more backend WebSphere Application Servers.

Vulnerability Description:

The vulnerability discovered allows a remote attacker to generate a denial of service condition against the WebSphere Edge Component Caching Proxy.

If the reverse proxy is configured with the JunctionRewrite directive being active, a remote attacker can trivially cause a denial of service by executing the GET HTTP method without parameters.

Exploit:

$ echo “GET” | nc <victim_host_ip> <proxy_port>

Solutions:

If JunctionRewrite is unnecessary, disabling it will suffice to prevent the Denial of Service. Also if the option UseCookie in the JunctionRewrite directive is unnecessary disabling it will suffice to prevent the Denial of Service.

Vendor Response:

IBM opened a case regarding the vulnerability and provided a patch within 2 weeks of the initial contact.

Contact Information:

For more information regarding the vulnerability feel free to contact the author at [email protected].

For more information regarding CYBSEC: www.cybsec.com

Leandro Meiners
CYBSEC S.A. Security Systems
E-mail: [email protected]
Tel/Fax: [54-11] 4382-1600
Web: http://www.cybsec.com

JSON