• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IBM WebSphere Application Server serveServletsByClassnameEnabled Info Disclosure Vulnerability

IBM WebSphere Application Server is prone to vulnerability because of a default setting that can allow attackers to obtain potentially sensitive information.

Information harvested could aid attackers in further exploits.

WebSphere Application Server 6.0 through 6.0.2.25 and 6.1 through 6.1.0.14 are vulnerable.