IBM Support

IY50409: SYSROUTE OF IY42080:CROSS SITE SCRIPTING BAD REQUESTS ARE NOT RE CORDED IN REQUEST.LOG

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Both APAR:IY42077 and this one relate to WebSEAL's support
    for protecting Web servers
    against cross-site scripting attacks.
    
    The problem is "bad requests are not recorded in request.log"
    
    When the filtering does work, there's no entry written to the
    log to indicate that anything was filtered.
    
    Michael T. at the Gold Coast confirmed
    that these requests should definitely be logged,
    especially in this case, as otherwise there's no way
    to determine
    who's trying to attack you.
    

Local fix

Problem summary

  • cross site scripting bad requests are not recorded in
    request.log.
    

Problem conclusion

  • Fixed in 3.8-PWS-FP15.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IY50409

  • Reported component name

    TIV POL DIR 3.8

  • Reported component ID

    5698PDD11

  • Reported release

    380

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2003-10-31

  • Closed date

    2003-10-31

  • Last modified date

    2003-10-31

  • APAR is sysrouted FROM one or more of the following:

    IY50407

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIV POL DIR 3.8

  • Fixed component ID

    5698PDD11

Applicable component levels

  • R380 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"380","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
31 October 2003