Vulnerabilities > CVE-2001-0558 - Unspecified vulnerability in T. Hauck Jana web Server
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
| description | T. Hauck Jana Server 1.45/1.46/2.0 MS-DOS Device Name DoS Vulnerability. CVE-2001-0558. Dos exploit for windows platform |
| id | EDB-ID:20830 |
| last seen | 2016-02-02 |
| modified | 2001-05-07 |
| published | 2001-05-07 |
| reporter | neme-dhc |
| source | https://www.exploit-db.com/download/20830/ |
| title | T. Hauck Jana Server 1.45/1.46/2.0 - MS-DOS Device Name DoS Vulnerability |
Nessus
| NASL family | Web Servers |
| NASL id | HTTP_W98_DEVNAME_DOS.NASL |
| description | It was possible to freeze or reboot Windows by reading a MS/DOS device through HTTP, using a file name like CON\CON, AUX.htm, or AUX. An attacker could exploit this flaw to deny service to the affected system. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10930 |
| published | 2002-03-29 |
| reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10930 |
| title | Multiple Web Server on Windows MS/DOS Device Request Remote DOS |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html
- http://www.osvdb.org/1817
- http://www.osvdb.org/1817
- http://www.securityfocus.com/bid/2704
- http://www.securityfocus.com/bid/2704
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6521
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6521