Title: IBM Tivoli Policy Director WebSeal Denial Of Service Vulnerability
Severity: MODERATE
Description:
WebSeal is the proxy component of IBM Tivoli Policy Director. It provides authentication and controls web access by filtering HTTP requests.
WebSeal is prone to a denial of service. If '%2e' is appended to the end of a web request, WebSeal stops operating when it tries to process the URL. Services provided by WebSeal no longer function until the WebSeal server is restarted. This may facilitate other attacks, because security may be reduced while WebSeal is shut down.
It has been reported that this is related to the use of SSL junctions between the WebSeal component and web servers. The WebSeal component may fail when certain URLs are passed across this connection.
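A detection sketch for the condition described above, added here as an example and not part of the original advisory or any IBM tooling: it scans access-log lines for request targets that end in an encoded dot. It assumes Common Log Format lines; the sample log, addresses and function names are constructed for illustration, and it flags a trailing '%2e' on either the path or the whole request target because the advisory does not say which is required.

```python
import re
from collections import Counter

# Assumed layout: Common Log Format, request field is "METHOD target [PROTOCOL]".
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?"'
)
# Encoded dot as the final three characters, either case (%2e or %2E).
TRAILING_ENC_DOT = re.compile(r'%2e$', re.IGNORECASE)

def ends_with_encoded_dot(target):
    """True if the path, or the whole request target, ends in %2e."""
    path = target.split('?', 1)[0]
    return bool(TRAILING_ENC_DOT.search(path) or TRAILING_ENC_DOT.search(target))

def find_suspect_requests(lines):
    """Return (line_no, client, timestamp, target) for each matching request."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if m and ends_with_encoded_dot(m['target']):
            hits.append((line_no, m['client'], m['ts'], m['target']))
    return hits

def hits_per_client(hits):
    """Count matching requests per client address."""
    return Counter(client for _, client, _, _ in hits)

# Constructed sample log (documentation address ranges, invented paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Dec/2001:10:01:00 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [12/Dec/2001:10:01:05 +0000] "GET /index.html%2e HTTP/1.0" 500 0',
    '198.51.100.7 - - [12/Dec/2001:10:01:09 +0000] "GET /app/login%2E?next=/home HTTP/1.0" 404 0',
    '192.0.2.10 - - [12/Dec/2001:10:02:00 +0000] "GET /docs/v1%2e2/readme.txt HTTP/1.0" 200 512',
    '203.0.113.5 - - [12/Dec/2001:10:02:30 +0000] "GET /search?q=a%2e HTTP/1.1" 200 77',
    'truncated or malformed line that the parser skips',
]

if __name__ == "__main__":
    found = find_suspect_requests(SAMPLE_LOG)
    for line_no, client, ts, target in found:
        print(f"line {line_no}: {client} [{ts}] {target}")
    print(dict(hits_per_client(found)))
```

If WebSeal stops before it writes its own log entry, the triggering request may only appear in the logs of a device in front of it, so run the check there as well.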
Affected Products:
- IBM Tivoli SecureWay Policy Director 3.8.0