CVE-2002-1153 Information

Description

IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers such as \Host.

Reference

ftp://ftp.software.ibm.com/software/websphere/appserv/support/fixes/pq62144/readme.txt http://marc.info/?l=bugtraq&m=103244572803950&w=2 http://www.iss.net/security_center/static/10140.php http://www.osvdb.org/2092 http://www.securityfocus.com/bid/5749