Apache Tomcat MS-DOS Device Name Request DoS
Medium Nessus Plugin ID 11150
SynopsisThe instance of Apache Tomcat running on the remote host is affected by a denial of service vulnerability.
DescriptionIt was possible to freeze or crash Windows or the Apache Tomcat web server by reading thousands of times an MS/DOS device through the Tomcat servlet engine, using a file name like /examples/servlet/AUX.
An attacker can exploit this flaw to make your system crash continuously, preventing you from working properly.
SolutionUpgrade to Apache Tomcat version 4.1.10.