IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service. IBM X-Force ID: 219133.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm sterling external authentication server 3.4.3.2 |
||
ibm sterling external authentication server 6.0.2.0 |
||
ibm sterling external authentication server 6.0.3.0 |
||
ibm sterling secure proxy 3.4.3.2 |
||
ibm sterling secure proxy 6.0.2 |
||
ibm sterling secure proxy 6.0.3.0 |