Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:1831 |
| Message | WEB-MISC jigsaw dos attempt |
| Summary | This event is generated when an attempt is made to exploit a Denial of Service (DoS) condition in the Jigsaw web server from W3C. |
| Impact | Denial of Service. |
| Detailed Information | Jigsaw is a Java-based web server developed by W3C. Jigsaw version 2.2.1 is vulnerable to a DoS attack caused by improper handling of requests for DOS device names. Jigsaw web server versions prior to 2.2.1 (Build 20020711) contain a Denial of Service vulnerability in a handler that processes HTTP requests for DOS device files. This may result in process threads hanging and a consumption of all available resources. |
| Affected Systems | Jigsaw 2.2.1 |
| Attack Scenarios | It is possible to crash the Jigsaw web server by requesting /servlet/con about 30 times. |
| Ease of Attack | Simple. |
| Corrective Action | Upgrade to the latest version of Jigsaw (2.2.1 Build 20020711 or later) |
| Additional References | Bugtraq: http://www.securityfocus.com/bid/5258/ |
| Rule References | nessus: 11047 |
--
DID:254609
--
http://www.aanval.com/