Multiple Vendor XML DTD Parameter Entity SOAP Server Denial Of Service Vulnerability

Solution:
IBM have released an advisory (PQ70921) and fixes to address these issues in WebSphere App Server version 5. Please see attached advisory for further details regarding obtaining and applying relative fixes.

Microsoft have reportedly released a Knowledge Base article 826231 to address this issue, however it should be noted that this article was not available at the time of writing:
http://support.microsoft.com/default.aspx?kbid=826231


IBM Websphere Application Server 5.0


 

Privacy Statement
Copyright 2010, SecurityFocus