Sun Java System Web and Application Server Denial-of-Service 1.5
 
Plugin ID323
Plugin nameSun Java System Web and Application Server Denial-of-Service
Plugin filenameSun Java System Web and Application Server.plugin
Plugin filesize3136 bytes
Plugin familyDenial of Service
Plugin created nameDavid Nester
Plugin created emaildavid at icrew dot org
Plugin created webhttp://www.icrew.org
Plugin created companyiCrew Security
Plugin created date2004/12/05
Plugin updated nameDavid Nester
Plugin updated emaildavid at icrew dot org
Plugin updated webhttp://www.icrew.org/
Plugin updated companyiCrew Security
Plugin version1.5
Plugin protocoltcp
Plugin port443
Plugin procedure detectionopen|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *Sun/6.[0-1]* OR HTTP/#.# ### *Sun/7.0*
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug published nameSun Microsystems
Bug published emailinfo at sun dot com
Bug published webhttp://www.sun.com
Bug published companySun Microsystems
Bug published date2004-11-02
Bug advisoryhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1
Bug produced nameSun Microsystems
Bug produced emailinfo at sun dot com
Bug produced webhttp://www.sun.com
Bug affectedSunOne Web Server v.6.0 and 6.1 and Application Server v.7.0
Bug vulnerability classDenial Of Service
Bug descriptionSecurity Vulnerabilities May Allow a Denial of Service in Sun Java System Web and Application Server Products.
Bug solutionRemediation details and patch links from Sun Alert ID 57669 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1The security vulnerability is related to the following products:Resolution These issues are addressed in the following releases: Sun Java System Web Server 6.0 Service Pack 8 or later Sun Java System Web Server 6.1 Service Pack 2 or later Sun Java System Application Server 7 Standard Edition Update 5 or later Sun Java System Application Server 7 Platform Edition Update 5 or later Sun Java System Application Server 7 2004Q2 Update 1 or later
Bug fixing time4 hours
Bug remoteYes
Bug localNo
Bug severityHigh
Bug popularity2
Bug simplicity8
Bug impact8
Bug risk8
Source LiteratureHacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X
Source Misc.http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.