| Plugin ID | 323 |
| Plugin name | Sun Java System Web and Application Server Denial-of-Service |
| Plugin filename | Sun Java System Web and Application Server.plugin |
| Plugin filesize | 3136 bytes |
| Plugin family | Denial of Service |
| Plugin created name | David Nester |
| Plugin created email | david at icrew dot org |
| Plugin created web | http://www.icrew.org |
| Plugin created company | iCrew Security |
| Plugin created date | 2004/12/05 |
| Plugin updated name | David Nester |
| Plugin updated email | david at icrew dot org |
| Plugin updated web | http://www.icrew.org/ |
| Plugin updated company | iCrew Security |
| Plugin version | 1.5 |
| Plugin protocol | tcp |
| Plugin port | 443 |
| Plugin procedure detection | open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *Sun/6.[0-1]* OR HTTP/#.# ### *Sun/7.0* |
| Plugin comment | This plugin was written with the ATK Attack Editor. |
| Bug published name | Sun Microsystems |
| Bug published email | info at sun dot com |
| Bug published web | http://www.sun.com |
| Bug published company | Sun Microsystems |
| Bug published date | 2004-11-02 |
| Bug advisory | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1 |
| Bug produced name | Sun Microsystems |
| Bug produced email | info at sun dot com |
| Bug produced web | http://www.sun.com |
| Bug affected | SunOne Web Server v.6.0 and 6.1 and Application Server v.7.0 |
| Bug vulnerability class | Denial Of Service |
| Bug description | Security Vulnerabilities May Allow a Denial of Service in Sun Java System Web and Application Server Products. |
| Bug solution | Remediation details and patch links from Sun Alert ID 57669 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1The security vulnerability is related to the following products:Resolution These issues are addressed in the following releases: Sun Java System Web Server 6.0 Service Pack 8 or later Sun Java System Web Server 6.1 Service Pack 2 or later Sun Java System Application Server 7 Standard Edition Update 5 or later Sun Java System Application Server 7 Platform Edition Update 5 or later Sun Java System Application Server 7 2004Q2 Update 1 or later |
| Bug fixing time | 4 hours |
| Bug remote | Yes |
| Bug local | No |
| Bug severity | High |
| Bug popularity | 2 |
| Bug simplicity | 8 |
| Bug impact | 8 |
| Bug risk | 8 |
| Source Literature | Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, D�sseldorf, ISBN 381582284X |
| Source Misc. | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1 |