|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Servic e
From: Adam Gray (agray
NOVACOAST.COM)Date: Mon Feb 07 2000 - 19:06:07 CST
- Next message: Taneli Huuskonen: "Re: recent 'cross site scripting' CERT advisory"
- Previous message: Byron Alley: "Re: Fwd: CERT Advisory CA-2000-02"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Discussion
There is a DOS attack that can be run against Novell GroupWise Web Access
5.5 Enhancement Pack. The Java Server is possible to crash with a long
character string sent to the servlet gateway using a web browser. This DOS
can cause the Netscape web server to abend, the Java.nlm to take all of the
processor utilization, or the post office can simple stop responding. This
DOS attack will kill any active GroupWise based connections to the GroupWise
server. The server typically requires a reboot to fix the problem. This bug
has been confirmed by Novell with instruction from novacoast.
- Next message: Taneli Huuskonen: "Re: recent 'cross site scripting' CERT advisory"
- Previous message: Byron Alley: "Re: Fwd: CERT Advisory CA-2000-02"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]