Fixes are available
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.17: WebSphere Application Server V8.5.5 Fix Pack 17
8.5.5.20: WebSphere Application Server V8.5.5.20
8.5.5.18: WebSphere Application Server V8.5.5 Fix Pack 18
8.5.5.19: WebSphere Application Server V8.5.5 Fix Pack 19
8.5.5.16: WebSphere Application Server V8.5.5 Fix Pack 16
8.5.5.21: WebSphere Application Server V8.5.5.21
APAR status
Closed as program error.
Error description
Under some conditions, IHS up to v 8.5.x can sent the following http header : X-pad This can be used to guess the version of IHS.
Local fix
Upgrade to IHS v9.x
Problem summary
**************************************************************** * USERS AFFECTED: Users of IBM HTTP Server * **************************************************************** * PROBLEM DESCRIPTION: IHS sometimes sends "x-pad" header. * **************************************************************** * RECOMMENDATION: * **************************************************************** The x-pad header is used to work around an ancient Mozilla bug. The workaround has not been required for many years, and some scanners consider the header to be a fingerprinting mechanism.
Problem conclusion
Code was added to allow the header to be suppressed. It is enabled with 'SuppressXPadHeader ON'. This header is not generated by IHS 9.0. The fix for this APAR is expected to be included in IHS 8.5.5.15 and later.
Temporary fix
Comments
APAR Information
APAR number
PH04673
Reported component name
IBM HTTP SERVER
Reported component ID
5724J0801
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-10-30
Closed date
2019-01-21
Last modified date
2019-01-21
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
IBM HTTP SERVER
Fixed component ID
5724J0801
Applicable component levels
R850 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
07 September 2022