Denial of Service Vulnerability in Jetty HTTP Server
CVE-2004-2381

Currently unrated

Key Information:

Vendor: Jetty
Status: Jetty Http Server
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2381?

A vulnerability in the Jetty HTTP Server prior to version 4.2.19 allows remote attackers to exploit the server by sending HTTP requests with excessively large Content-Length headers. This can lead to increased memory consumption and potential application crashes, impacting the availability of web services.

References

http://www.osvdb.org/4387

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/11166/

third-party-advisoryx_refsource_SECUNIA

http://sourceforge.net/project/shownotes.php?release_id=2...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Aug 16, 2005
Vulnerability published
Dec 31, 2004