OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Phiber (phiberXATRIX.ORG)
Date: Mon Feb 19 2001 - 16:13:43 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Discovered by : Xatrix Security (17/02/2001)
    http://www.xatrix.org

    Vulnerable Server: Moby Netsuite Web Server
    Infected Version: 1.02
    Vendor Conacted: YES
    ~~~~~~~~~~~~~~~~~~~

    Description:
    - Moby Netsuite web server is free web server for win 9x/NT
    which can be downloaded from http://www.mobydisk.com.
    It supports CGI scripting and it is easly configurable.

    Impact:
    - By sending more than 200 charachters it can be crashed ...
    (Windows kernel will report that NetSuite has caused an unknown error :)

    Example:
    www.SITE.com/ [ more than 200 a's]

    Solution: Wait for new version of NeSuite web server or a patch.

    [ EOF - 18/02/2001 ]

    Regards,
    -------------------------------------------
    - Phiber
    "Security is completly theoretical"
    Xatrix Security, http://xatrix.org