Denial of Service Vulnerability in Resin 2.1.1 via 'CON' Device Name and Registered File Extension
CVE-2002-1989 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.
Learn more about our Web Application Penetration Testing UK.