Possible security exposure on IBM WebSphere Application Server Version 4.0 and Version 4.0.1 under specific conditions (APAR PQ54943)
 Flash (Alert)
 
Abstract
Under certain request failure conditions, one user might receive part of a response page intended for another user.
 
Content
Possible Security Exposure Flash relative to APAR PQ54943 for notification to customers.

Versions affected
IBM® WebSphere® Application Server Version 4.0 and Version 4.0.1 are potentially vulnerable. This problem does not occur in Version 4.0.2 or later.

Solution
A fix is available for WebSphere Application Server Version 4.0 by way of APAR PQ54943 (along with fix PQ52901 which is also required as a prerequisite) and is delivered in Fix Pack 2 for WebSphere Application Server Version 4.0 (also known as Version 4.0.2).

To download the fixes or WebSphere Application Server Fix Pack 4.0.2 or later:
  1. Go to the WebSphere Application Server support page.
  2. Search for "PQ54943" and "PQ52901" or "Fix Pack 4.0.2" or a later version Fix Pack.
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s): Windows
Software version: 4.0.1
Software edition:
Reference #: 1084018
IBM Group: Software Group
Modified date: Sep 15, 2004