Skip to main content
W
winkelmann
Participating Frequently
June 20, 2013
Question

Coldfusion 8.01, Nessus Finding CVE-2002-0894

  • June 20, 2013
  • 0 replies
  • 361 views

Hello;

I have a problem with the security issue CVE-2002-0894 and CVE-2000-0681.

We use CF 8.01 enterprise under windows server 2003 with IIS 6.0 Webserver.

Our internal scans find an issue ServletExec 4.1 / JRUN ISAPI Multiple DoS.

Description: By sending an overly long request for a .jsp file, it is possible to crash the remote web server. 



This problem is known as the ServletExec / JRun ISAPI DoS.

Download patch #9 from ftp://ftp.newatlanta.com/public/4_1/patches/

See Also
http://www.westpoint.ltd.uk/advisories/wp-02-0006.txt

No more infos.

-------------------------------------------------------------------------------------------------

But I can't find on the Adobe Websites or in in the CVE Database a direct link to Coldfusion or Adobe patches (ApsB xxx).

No info, how to fix the finding or install the patch under cold fusion.

Has anybody experiences with this topic CVE-2002-0894 and CVE-2000-0681 under coldfusion or could give me an advisory.

thank's frank

    This topic has been closed for replies.
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices