HTTP: Jigsaw "con" Device DoS

This signature detects attempts to exploit a known vulnerability in Jigsaw Web Server 2.2.1 on Windows 2000 Server. Attackers can send multiple requests to the web server to create multiple connections to /servlet/con that do not time out.

Extended Description

Jigsaw is an HTTP server produced by W3C. It is implemented in Java and runs on a wide range of systems, including Microsoft Windows, Linux and other Unix-based systems. A vulnerability has been reported in some versions of Jigsaw running under Microsoft Windows. Certain HTTP requests for DOS device files may result in process threads hanging. As there is no timeout, each request permanently reduces the number of available server threads. In particular, a request for '/servlet/con' has been reported to cause this behavior.

Affected Products

W3C Jigsaw

Short Name
HTTP:MISC:JIGSAW-DEV-DOS1
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
"con" CVE-2002-1052 Device DoS Jigsaw bid:5258
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

W3C

CVSS Score

5.0
