The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19 does not enable the secure version, which allows remote attackers to obtain sensitive information via unspecified vectors.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0432)