T. Hauck Jana Server 1.45/1.46/2.0 - MS-DOS Device Name Denial of Service

Author: neme-dhc
type: dos
platform: windows
port: 
date_added: 2001-05-07  
date_updated: 2012-08-26  
verified: 1  
codes: CVE-2001-0558;OSVDB-1817  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 20830.txt  

source: https://www.securityfocus.com/bid/2704/info

Versions of Jana Server are vulnerable to a denial of service attack.

It is possible to remotely crash a system running Jana Server by submitting a URL request which specifies an MS-DOS devicename.

A hard reboot of the exploited server will be required to restore web services.

www.example.com/aux