Thursday, August 11, 2016

IBM Security Bulletin: Redirect HTTP traffic vulnerability may affect IBM HTTP Server (CVE-2016-5387)

There is a vulnerability that allows redirecting of HTTP traffic with CGI applications that may affect IBM HTTP Server (IHS). This vulnerability is known as “HTTPOXY”.

CVE(s): CVE-2016-5387

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM HTTP Server (powered by Apache) component in all editions of WebSphere Application Server and bundling products.

  • Version 9.0
  • Version 8.5.5
  • Version 8.5
  • Version 8.0
  • Version 7.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2b1nBg7
X-Force Database: http://ift.tt/2aO8XMj



from IBM Product Security Incident Response Team http://ift.tt/2b1p4CW

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.