Denial of Service Vulnerability in IBM Web Traffic Express Caching Proxy Server
CVE-2002-1169

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Caching Proxy Server
Vendor: CVE Published:; 4 November 2002

Summary

The IBM Web Traffic Express Caching Proxy Server versions 3.6 and 4.x prior to 4.0.1.26 are susceptible to a denial of service vulnerability. This issue occurs when a remote attacker sends an improper HTTP request to the helpout.exe component, specifically missing the HTTP version number. Such a malformed request can lead to a crash of the ibmproxy.exe process, rendering the service unavailable and impacting data accessibility.

References

http://www.iss.net/security_center/static/10452.php

vdb-entryx_refsource_XF

http://www-1.ibm.com/support/search.wss?rs=0&q=IY35970&ap...

vendor-advisoryx_refsource_AIXAPAR

http://www.rapid7.com/advisories/R7-0007.txt

x_refsource_MISC

Timeline

Vulnerability published
Nov 4, 2002
Vulnerability Reserved
Sep 27, 2002