IBM » Websphere Application Server » 6.0.2.9 : Security Vulnerabilities, CVEs, Published In 2010 (Denial of service)
mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service (daemon fail) via an upload.
Max CVSS
4.3
EPSS Score
0.36%
Published
2010-06-18
Updated
2010-06-21
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle chunked transfer encoding during a call to response.sendRedirect, which allows remote attackers to cause a denial of service via a GET request.
Max CVSS
5.0
EPSS Score
0.39%
Published
2010-05-17
Updated
2017-08-17
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components.
Max CVSS
5.0
EPSS Score
0.21%
Published
2010-05-17
Updated
2017-08-17
IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service (ORB ListenerThread hang) by aborting an SSL handshake.
Max CVSS
4.0
EPSS Score
0.34%
Published
2010-04-01
Updated
2017-08-17
4 vulnerabilities found