Denial of Service Vulnerability in Resin 2.1.1 via 'CON' Device Name and Registered File Extension

Denial of Service Vulnerability in Resin 2.1.1 via 'CON' Device Name and Registered File Extension

CVE-2002-1989 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.

Learn more about our Web Application Penetration Testing UK.