Vulnerability: Jigsaw DOS dev request path exposure/DoS

The SANs Institute has warned Jigsaw Webserver prior to version 2.2.1 Dev/2.2/20020711 discloses the physical path when a remote attacker makes multiple requests for /aux. Multiple requests for /servlet/con also will result in a denial of service situation.

The vendor confirmed this vulnerability and released an update, which is available at:http://jigsaw.w3.org/Devel/classes-2.2/20020711/The security alert is available here.

Join the newsletter!

Error: Please check your email address.

More about NeohapsisSANS InstituteThe SANS Institute

Show Comments

Market Place