PT-2007-1442 · IBM · IBM WebSphere Application Server

Published: 2007-03-20 · Updated: 2008-09-05 · CVE-2006-7164

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions

IBM WebSphere Application Server versions 5.0.1 through 5.0.2.7

Description

The issue concerns the SimpleFileServlet in IBM WebSphere Application Server, which fails to block certain invalid URIs and does not issue a security challenge. This allows remote attackers to read secure files and obtain sensitive information via certain requests.

Recommendations

For IBM WebSphere Application Server versions 5.0.1 through 5.0.2.7, consider restricting access to the SimpleFileServlet until a patch is available. As a temporary workaround, limit the handling of invalid URIs to prevent unauthorized file access.

Fix


Related Identifiers

CVE-2006-7164

Affected Products

IBM WebSphere Application Server