Denial of Service Vulnerability in WebSphere Edge Server by IBM
CVE-2004-0684

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Edge Server Caching Proxy; Websphere Caching Proxy Server
Vendor: CVE Published:; 6 August 2004

What is CVE-2004-0684?

The WebSphere Edge Component Caching Proxy in IBM WebSphere Edge Server version 5.02 is susceptible to a Denial of Service vulnerability. When the JunctionRewrite directive is enabled, an attacker can exploit this weakness by sending a specially crafted HTTP GET request, which does not require any parameters. This can lead to service disruption, making the web application unavailable to legitimate users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16607

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=108938997528245&w=2

mailing-listx_refsource_BUGTRAQ

http://www.cybsec.com/vuln/IBM-WebSphere-Edge-Server-DOS.pdf

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Jul 12, 2004