posted 20 years ago
A little googling identified that the PROPFIND method referred to in the first exception is a nonstandard extension to HTTP that started being used for a worm/trojan starting around 2002. My guess is someone is trying to insert a trojan into your system by exploiting a buffer overflow bug in Microsoft IIS - but fortunately you're not running IIS, so you're not vulnerable. (They're probably not attacking your machine specifically, but rather just scanning the net and attacking any vulnerable machines.)
I don't know why WebSphere is throwing an exception instead of just logging the bad request. That might be worth asking IBM.
The second exception is a NullPointerException, so a null pointer was probably created in your code and then passed around for a while before it caused the exception. That's likely to be painful to track down - the best way is probably to put in a few score asserts to catch null pointers early and run the code with them for a while.