Remote DoS in AnalogX SimpleServer:www 1.16

From: Fort _ (fortat_private)
Date: Thu Jun 13 2002 - 05:21:21 PDT

Next message: Brent J. Nordquist: "CSS vulnerabilities in IMP 3.0"

Previous message: Matt Moore: "wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) If you connect to a computer running the SimpleSever:WWW 1.16 (latest version) you can remotely close the server causing a DoS. To crash the server: Connect to the machine (telnet server 80) and type 640 @ signs then press enter twice. I haven’t tested to see exactly how many @ signs you need but 640 seems to do the trick! I have also reported this to AlalogX, and I am still awaiting their reply. Fort.

Next message: Brent J. Nordquist: "CSS vulnerabilities in IMP 3.0"
Previous message: Matt Moore: "wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 13 2002 - 07:01:45 PDT