Plugin ID | 323 |
Plugin name | Sun Java System Web and Application Server Denial-of-Service |
Plugin filename | Sun Java System Web and Application Server.plugin |
Plugin filesize | 3136 bytes |
Plugin family | Denial of Service |
Plugin created name | David Nester |
Plugin created email | david at icrew dot org |
Plugin created web | http://www.icrew.org |
Plugin created company | iCrew Security |
Plugin created date | 2004/12/05 |
Plugin updated name | David Nester |
Plugin updated email | david at icrew dot org |
Plugin updated web | http://www.icrew.org/ |
Plugin updated company | iCrew Security |
Plugin version | 1.5 |
Plugin protocol | tcp |
Plugin port | 443 |
Plugin procedure detection | open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *Sun/6.[0-1]* OR HTTP/#.# ### *Sun/7.0* |
Plugin comment | This plugin was written with the ATK Attack Editor. |
Bug published name | Sun Microsystems |
Bug published email | info at sun dot com |
Bug published web | http://www.sun.com |
Bug published company | Sun Microsystems |
Bug published date | 2004-11-02 |
Bug advisory | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1 |
Bug produced name | Sun Microsystems |
Bug produced email | info at sun dot com |
Bug produced web | http://www.sun.com |
Bug affected | SunOne Web Server v.6.0 and 6.1 and Application Server v.7.0 |
Bug vulnerability class | Denial Of Service |
Bug description | Security Vulnerabilities May Allow a Denial of Service in Sun Java System Web and Application Server Products. |
Bug solution | Remediation details and patch links from Sun Alert ID 57669 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1The security vulnerability is related to the following products:Resolution These issues are addressed in the following releases: Sun Java System Web Server 6.0 Service Pack 8 or later Sun Java System Web Server 6.1 Service Pack 2 or later Sun Java System Application Server 7 Standard Edition Update 5 or later Sun Java System Application Server 7 Platform Edition Update 5 or later Sun Java System Application Server 7 2004Q2 Update 1 or later |
Bug fixing time | 4 hours |
Bug remote | Yes |
Bug local | No |
Bug severity | High |
Bug popularity | 2 |
Bug simplicity | 8 |
Bug impact | 8 |
Bug risk | 8 |
Source Literature | Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X |
Source Misc. | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1 |