Advisory for SimpleServer:WWW (analogX)

From: neme-dhcat_private
Date: Tue Apr 17 2001 - 07:51:29 PDT

Next message: dynamo: "Re: new advisory"

Previous message: Sven C. Koehler: "Re: Solaris ipcs vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 [ Advisory for SimpleServer:WWW (analogX)                           ]
 [ SimpleServer:WWW is made by Analogx. Site: http://www.analogx.com ]
 [ by nemesystm of the DHC                                           ]
 [ (http://dhcorp.cjb.net - neme-dhcat_private)                   ]
 [ ADV-0103                                                          ]

/-|=[explanation]=|-\
SimpleServer:WWW is a webserver. It has a simple denial of service problem.

/-|=[who is vulnerable]=|-\
Tested to be vulnerable:
SimpleServer:WWW v1.03
SimpleServer:WWW v1.05
SimpleServer:WWW v1.08
This only affects computers running Windows Millennium or Windows 98.
I assume any version between v1.03 and v.108 will be vulnerable to this
as well.

/-|=[testing it]=|-\
To test this vulnerability, try the following.
www.server.com/aux
Wait until you are sure this is sent to the server (timeout can take a while).
Then try to refresh www.server.com. It should be down.

/-|=[fix]=|-\
After notifying AnalogX about this bug a new version was released the
same day. Download version 1.13 to fix this problem. Thanks to Mark
for a extremely quick reply.
Free, encrypted, secure Web-based email at www.hushmail.com

Next message: dynamo: "Re: new advisory"
Previous message: Sven C. Koehler: "Re: Solaris ipcs vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 12:24:56 PDT