Vulnerabilities > CVE-2005-4806 - Unspecified vulnerability in SUN Java System web Proxy Server 3.6

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sun
nessus
NVD
Published: 2005-12-31
Updated: 2024-11-21

Summary

Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors.

Vulnerable Configurations

Part Description Count
Application
Sun
8

Nessus

NASL familyWeb Servers
NASL idSUNONE_WEBPROXY_DOS.NASL
descriptionThe remote host is running Java System Web Proxy Server / Sun ONE Web Proxy Server. According to its banner, the installed Web Proxy Server reportedly suffers from an unspecified remote denial of service vulnerability. By exploiting this flaw, an attacker could cause the affected application to fail to respond to further requests.
last seen2020-06-01
modified2020-06-02
plugin id19697
published2005-09-14
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/19697
titleSun Java System Web Proxy Server Multiple Unspecified Remote DoS
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description) {
  script_id(19697);
  script_version("1.15");

  script_cve_id("CVE-2005-4806");
  script_bugtraq_id(14788);

  script_name(english:"Sun Java System Web Proxy Server Multiple Unspecified Remote DoS");
 
  script_set_attribute(attribute:"synopsis", value:
"The remote proxy server is prone to a denial of service attack." );
  script_set_attribute(attribute:"description", value:
"The remote host is running Java System Web Proxy Server / Sun ONE Web
Proxy Server. 

According to its banner, the installed Web Proxy Server reportedly
suffers from an unspecified remote denial of service vulnerability. 
By exploiting this flaw, an attacker could cause the affected
application to fail to respond to further requests." );
  # http://web.archive.org/web/20060523234118/http://sunsolve.sun.com/search/document.do?assetkey=1-26-101913-1
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9e566f57");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Web Proxy Server 3.6 Service Pack 8 or later." );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"plugin_publication_date", value: "2005/09/14");
  script_set_attribute(attribute:"vuln_publication_date", value: "2005/09/09");
  script_set_attribute(attribute:"patch_publication_date", value: "2005/09/08");
  script_cvs_date("Date: 2018/07/31 17:27:57");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_end_attributes();

  script_summary(english:"Checks for unspecified remote denial of service vulnerability in Sun Java System Web Proxy Server");
  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");
  script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
  script_dependencies("http_version.nasl");
  script_require_ports("Services/www", 80, 443);

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");


port = get_http_port(default:80);

banner = http_get_cache(port:port, item: "/", exit_on_fail: 1);
if (
  "Web-Proxy-Server/" >< banner &&
  banner =~ "^Forwarded: .* \(Sun-.+-Web-Proxy-Server/([0-2]\..*|3\.([0-5]\..*|6(\)|-SP[0-7])))"
) security_warning(port);

References