IBM WebSphere Large HTTP Header Buffer Overflow Vulnerability

A buffer-overflow vulnerability has been reported for IBM WebSphere 4.0.3 running on a Microsoft Windows 2000 platform. Reportedly, IBM WebSphere fails to properly check bounds when receiving HTTP requests. Specifically, the vulnerability is related to the WebSphere plugin not limiting the size of HTTP POST data that would be received by the application server.

The application server will crash when it receives an overly large HTTP POST request.
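The missing control described above is a size limit enforced before POST data is read or forwarded. The following is an added example of such a check for a front end placed ahead of the application server; it is not IBM's code and not part of the original advisory, and the function name, verdict names and limit parameters are assumptions chosen for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

enum verdict { REQ_OK, REQ_INCOMPLETE, REQ_HEADERS_TOO_LARGE,
               REQ_BODY_TOO_LARGE, REQ_BAD_LENGTH };

/* Decide, from the header block alone, whether a request may be read further
 * and forwarded. buf need not be NUL-terminated. Limits are caller-chosen
 * (hypothetical values; size them for the application behind the front end).
 * Chunked bodies are out of scope here: a POST without Content-Length is
 * refused rather than streamed. */
enum verdict check_request(const char *buf, size_t len,
                           size_t max_hdr, size_t max_body)
{
    size_t end = 0;                 /* offset just past the last header line */
    for (size_t i = 0; i + 3 < len && i < max_hdr; i++)
        if (memcmp(buf + i, "\r\n\r\n", 4) == 0) { end = i + 2; break; }
    if (end == 0)
        return len >= max_hdr ? REQ_HEADERS_TOO_LARGE : REQ_INCOMPLETE;

    int is_post = len >= 5 && memcmp(buf, "POST ", 5) == 0;
    int seen = 0;
    unsigned long long body = 0;
    const char *p = memchr(buf, '\n', end);          /* end of request line */
    while (p != NULL && (size_t)(p + 1 - buf) < end) {
        const char *line = p + 1;
        size_t left = end - (size_t)(line - buf);
        if (left > 15 && strncasecmp(line, "Content-Length:", 15) == 0) {
            const char *v = line + 15;
            while (*v == ' ' || *v == '\t') v++;     /* stops at the CR at latest */
            if (!isdigit((unsigned char)*v)) return REQ_BAD_LENGTH; /* no sign */
            char *stop;
            errno = 0;
            unsigned long long n = strtoull(v, &stop, 10);
            if (errno == ERANGE || *stop != '\r') return REQ_BAD_LENGTH;
            if (seen && n != body) return REQ_BAD_LENGTH; /* conflicting duplicates */
            seen = 1;
            body = n;
        }
        p = memchr(line, '\n', left);
    }
    if (is_post && !seen) return REQ_BAD_LENGTH;
    return body > max_body ? REQ_BODY_TOO_LARGE : REQ_OK;
}
```

A caller would map `REQ_HEADERS_TOO_LARGE` and `REQ_BODY_TOO_LARGE` to a rejection response and close the connection without reading the body.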


 

Copyright 2010, SecurityFocus