Hitachi Cosminexus JSSE SSL/TLS Handshake Request Handling Denial Of Service Vulnerability
BID:25935
Info
Hitachi Cosminexus JSSE SSL/TLS Handshake Request Handling Denial Of Service Vulnerability
| Bugtraq ID: | 25935 |
| Class: | Unknown |
| CVE: |
CVE-2007-5281 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 05 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Hitachi uCosminexus Service Platform 07-50 (Windows) Hitachi uCosminexus Service Architect 07-50 (Windows) Hitachi uCosminexus Operator 07-50 (Windows) Hitachi uCosminexus Developer Standard 07-50 (Windows) Hitachi uCosminexus Developer Professional 07-50 (Windows) Hitachi uCosminexus Client 07-50 (Windows) Hitachi uCosminexus Application Server Standard 07-50 (Windows) Hitachi uCosminexus Application Server Enterprise 07-50 (Windows) |
| Not Vulnerable: |
Hitachi uCosminexus Service Platform 07-50-01 (Windows) Hitachi uCosminexus Service Architect 07-50-01 (Windows) Hitachi uCosminexus Operator 07-50-01 (Windows) Hitachi uCosminexus Developer Standard 07-50-01 (Windows) Hitachi uCosminexus Developer Professional 07-50-01 (Windows) Hitachi uCosminexus Client 07-50-01 (Windows) Hitachi uCosminexus Application Server Standard 07-50-01 (Windows) Hitachi uCosminexus Application Server Enterprise 07-50-01 (Windows) |
Discussion
Hitachi Cosminexus JSSE SSL/TLS Handshake Request Handling Denial Of Service Vulnerability
Hitachi Cosminexus JSSE is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the affected application to stop accepting connection requests, thus denying service to legitimate users.
This issue affects version 07-50 (Windows) of the following products:
uCosminexus Application Server Enterprise
uCosminexus Application Server Standard
uCosminexus Service Platform
uCosminexus Developer Standard
uCosminexus Developer Professional
uCosminexus Service Architect
uCosminexus Operator
uCosminexus Client
Hitachi Cosminexus JSSE is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the affected application to stop accepting connection requests, thus denying service to legitimate users.
This issue affects version 07-50 (Windows) of the following products:
uCosminexus Application Server Enterprise
uCosminexus Application Server Standard
uCosminexus Service Platform
uCosminexus Developer Standard
uCosminexus Developer Professional
uCosminexus Service Architect
uCosminexus Operator
uCosminexus Client
Exploit / POC
Hitachi Cosminexus JSSE SSL/TLS Handshake Request Handling Denial Of Service Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Hitachi Cosminexus JSSE SSL/TLS Handshake Request Handling Denial Of Service Vulnerability
Solution:
The vendor has released updates to address this issue. Please contact the vendor for information on how to obtain and apply these updates. Please see the references for more information.
Solution:
The vendor has released updates to address this issue. Please contact the vendor for information on how to obtain and apply these updates. Please see the references for more information.
References
Hitachi Cosminexus JSSE SSL/TLS Handshake Request Handling Denial Of Service Vulnerability
References:
References:
- Hitachi Device Manager Homepage ( Hitachi)
- HS07-031 - DoS Vulnerability in Cosminexus (Hitachi)