Sun GlassFish Enterprise < 2.1 Patch 02 Denial of Service

low Nessus Plugin ID 39330

Synopsis

The remote web server is affected by a local denial of service vulnerability.

Description

The remote host is running a version of Sun GlassFish Enterprise Server earlier than Sun GlassFish Enterprise Server 2.1 with Patch 02.
Such versions are reportedly affected by a local denial of service vulnerability in the HTTP Engine and administration interface. A local attacker could exploit this issue to crash the affected service.

Solution

Upgrade to Sun GlassFish Enterprise Server 2.1 with Patch 02 or later.

See Also

https://download.oracle.com/sunalerts/1020443.1.html

Plugin Details

Severity: Low

ID: 39330

File Name: glassfish_2_1_02.nasl

Version: 1.11

Type: remote

Family: Web Servers

Published: 6/9/2009

Updated: 4/5/2022

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:oracle:glassfish_server

Required KB Items: www/glassfish

Exploit Ease: No known exploits are available

Reference Information

BID: 35217