Nessus Plugin #11150
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Tomcat servlet engine MD/DOS device names denial of service
- Family:
- Denial of Service
- Category:
- kill_host
- Copyright:
- This script is Copyright (C) 2002 Michel Arboi
- Summary:
- Kills Apache Tomcat by reading 1000+ times a MS/DOS device through the servlet engine
- Version:
- $Revision: 1.8 $
- Cve_id:
- CAN-2003-0045
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
It was possible to freeze or crash Windows or the web server
by reading a thousand of times a MS/DOS device through Tomcat
servlet engine, using a file name like /examples/servlet/AUX
A cracker may use this flaw to make your system crash
continuously, preventing you from working properly.
Solution : upgrade your Apache Tomcat web server to version 4.1.10.
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.