Hello;
I have a problem with the security issue CVE-2002-0894 and CVE-2000-0681.
We use CF 8.01 enterprise under windows server 2003 with IIS 6.0 Webserver.
Our internal scans find an issue ServletExec 4.1 / JRUN ISAPI Multiple DoS.
Description: By sending an overly long request for a .jsp file, it is possible to crash the remote web server. 


This problem is known as the ServletExec / JRun ISAPI DoS.
Download patch #9 from ftp://ftp.newatlanta.com/public/4_1/patches/
See Also
http://www.westpoint.ltd.uk/advisories/wp-02-0006.txt
No more infos.
---------------------------------------------------------------------- ---------------------------
But I can't find on the Adobe Websites or in in the CVE Database a direct link to Coldfusion or Adobe patches (ApsB xxx).
No info, how to fix the finding or install the patch under cold fusion.
Has anybody experiences with this topic CVE-2002-0894 and CVE-2000-0681 under coldfusion or could give me an advisory.
thank's frank