
Why might a web application crash during a web assessment?

The most important point to clarify about the assessment is that it is designed to detect vulnerabilities while being as safe a process as possible.

If a web application crashes during an assessment, treat it as a potential vulnerability on your network.

  • Contact the application vendor for the affected service/application to determine whether there are any software patches or known configuration issues that may prevent this behavior. If there are no known issues/fixes, then there are several possible reasons for such occurrences, which should be raised with the vendor in question:

  • When performing an assessment, we will attempt to safely connect to and query hosts over TCP/IP, performing several different types of inquisitive actions. What can happen with older devices, single-purpose devices, custom OS or protocol implementations, and other types of non-general-purpose computing assets (i.e., anything other than standard Windows, macOS, or Linux hosts) is that the TCP/IP implementation for the given asset has not been designed to account for or accommodate this kind of communication.

  • This situation can lead to failures for reasons such as (but not limited to): insufficient memory dedicated to the TCP/IP stack, so that a small number of probes consumes it all and causes a denial of service; or unsafe handling of the standard TCP/IP communication mechanism, causing the TCP/IP implementation to crash and resulting in a denial of service. If you are seeing this happen with a device or product in your environment, we suggest you reach out to the vendor and follow up. The techniques we are using to probe are widely understood and commonly used, so any attacker interested in targeting these hosts can do so.
     
  • Ensure your operating systems are fully up-to-date with the latest software patches.

  • Review and remediate all detected vulnerabilities, especially high and critical severity items.

  • Check the settings in your profile to confirm whether any potentially dangerous tests are enabled.

  • You can also choose to exclude a specific TCP/UDP port in your profile, preventing the assessment from trying to communicate with that TCP/UDP port.

  • To minimize any potential operational impact, you may decide to start an assessment of these systems during a maintenance window or when the system is less used.