IBM’s ISS explains the potential problem and with informative links:
The problem is the software is vulnerable to a specially crafted HTTP request to SecurityGateway.dll using a long username parameter, a remote attacker can overflow a buffer and execute arbitrary code.
This means that a system vulnerable will be potentially owned by hackers in no time flat.
Do you have a vulnerable system?
