[Japanese]

JVNDB-2009-001740

Hitachi Web Server Reverse Proxy Denial of Service (DoS) Vulnerability

Overview

Hitachi Web Server contains a vulnerability that could lead to a denial
of service (DoS) condition when using it as a reverse proxy due to
excessive memory usage.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Hitachi, Ltd
  • Hitachi Web Server
  • uCosminexus Application Server Enterprise
  • uCosminexus Application Server Standard
  • uCosminexus Developer Professional
  • uCosminexus Developer Standard
  • uCosminexus Service Architect
  • uCosminexus Service Platform

Please refer to HS09-009 provided by Hitachi for more details.
Impact

The server could fall into a denial of service (DoS) state when
continuously receiving fraudulent responses from backend Web servers.
Solution

Please refer to the 'Vendor Information' section for the official
countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS09-009
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2008-2364
References

  1. National Vulnerability Database (NVD) : CVE-2008-2364
Revision History

  • [2009/07/14]
      Web page published
    [2014/05/21]
      References : Contents were added