Qualys security scans crash DollarU nodes

Document ID : KB000086661
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
universe.logthe EEP and GSI log typically also contain errors at the moment of the "attack"

Patch level detected:Dollar Universe 6.1.00
Product Version: Dollar.Universe 6.1.0

Description :The utility Qualys that tests applications for vulnerabilities crashes DollarU nodes by a TCP/IP request that is longer than expected.
Environment:
OS: Linux
Cause:
Cause type:
Defect
Root Cause: The injection of a messages that is too long into an Authentication request cannot be handled by the IO
Resolution:
Update to the fix version listed below or a newer version if available.

Fix Status: Released

Fix Version(s):
Component: Application.Server
Version: Dollar.Universe 6.2.21
Additional Information:
Workaround :
N/A