It is possible to forcibly invoke any servlet by prefixing the path to servlet with "/servlet/" in the URL. A servlet called "ServletExec" is present in the server side classes.
Invoking the "ServletExec" servlet via forced servlet invocation causes the servlet engine to re-initialize and attempt to bind a server thread on port 80. If the server is already running, the port binding causes an exception and the servlet engine terminates abruptly.
For example, if ServletExec is running on 10.0.0.1 as a plug-in to a web server on port 80, an attacker can open a connection to port 80 and make the following GET request that causes the servlet engine to terminate abruptly.
$ nc 10.0.0.1 80 GET /servlet/ServletExec HTTP/1.0
Or simply access the URL http://10.0.0.1/servlet/ServletExec from a browser to the same effect.
ServletExec generates java.net.BindException and kills the servlet engine.
The following is recorded in the log file:
Received an exception when starting ServletExec: java.net.BindException: Address in use: bind
