Title: Resin Large Parameter Denial of Service
It is possible for a malicious user to cause a Denial of Service
by requesting certain malformed URLs from the Resin web server.
By defining large variables when accessing non-existant ressources,
it is possible to consume the entire workspace on the server. This
will result in hanging parts of or the entire web server.
You can visit the vendor webpage here: http://www.caucho.com
This was reported to the vendor on the 22nd of May, 2002. On the 11th
of June, 2002 the vendor released a new version that corrects the
issue.
Upgrade to version 2.1.2 available from:
http://www.caucho.com/download/
Author: Peter Gründl ([email protected])