Jetty < 4.2.19 Content-Length DoS

Medium Nessus Network Monitor Plugin ID 2714


The remote host is vulnerable to a Denial of Service (DoS) attack.


The remote host is running Jetty, a Java web server that can be downloaded off the Internet and is currently bundled with some IBM applications. This version of Jetty is vulnerable to a remote Denial of Service (DoS) attack. An attacker exploiting this flaw would be able to render the web server unavailable.


Upgrade to version 4.2.19 or higher.

See Also

Plugin Details

Severity: Medium

ID: 2714

Family: Web Servers

Published: 2005/03/17

Modified: 2018/09/16

Dependencies: 1442

Nessus ID: 17348

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.6


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mortbay:jetty

Reference Information

CVE: CVE-2004-2381

BID: 9917