Advisory for GoAhead Webserver v2.1

From: neme-dhcat_private
Date: Tue Apr 17 2001 - 07:50:09 PDT

Next message: Filipe Almeida: "Re: Solaris ipcs vulnerability"

Previous message: Santi Claus: "iPlanet Web Server 4.x Product Alert"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 [ Advisory for GoAhead Webserver v2.1             ]
 [ GoAhead Webserver is made by GoAhead.           ]
 [ Site: http://www.goahead.com                    ]
 [ by nemesystm of the DHC                         ]
 [ (http://dhcorp.cjb.net - neme-dhcat_private) ]
 [ ADV-0104                                        ]

/-|=[explanation]=|-\
GoAhead is well, a webserver. It has a denial of
service.

/-|=[who is vulnerable]=|-\
Anyone running GoAhead Webserver v2.1 with Windows
9x/ME. I assume prior versions are vulnerable as
well.

/-|=[testing it]=|-\
To test this vulnerability, try the following.
send a request like this one:
GET /aux
then hit return twice.
It looks like everything is normal, but trying to
visit any page on the webserver is impossible.

/-|=[fix]=|-\
Not known at the moment: vendor did not reply.
Free, encrypted, secure Web-based email at www.hushmail.com

Next message: Filipe Almeida: "Re: Solaris ipcs vulnerability"
Previous message: Santi Claus: "iPlanet Web Server 4.x Product Alert"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 11:30:31 PDT