OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: neme-dhcHUSHMAIL.COM
Date: Tue Apr 17 2001 - 09:50:09 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     [ Advisory for GoAhead Webserver v2.1 ]
     [ GoAhead Webserver is made by GoAhead. ]
     [ Site: http://www.goahead.com ]
     [ by nemesystm of the DHC ]
     [ (http://dhcorp.cjb.net - neme-dhchushmail.com) ]
     [ ADV-0104 ]

    /-|=[explanation]=|-\
    GoAhead is well, a webserver. It has a denial of
    service.

    /-|=[who is vulnerable]=|-\
    Anyone running GoAhead Webserver v2.1 with Windows
    9x/ME. I assume prior versions are vulnerable as
    well.

    /-|=[testing it]=|-\
    To test this vulnerability, try the following.
    send a request like this one:
    GET /aux
    then hit return twice.
    It looks like everything is normal, but trying to
    visit any page on the webserver is impossible.

    /-|=[fix]=|-\
    Not known at the moment: vendor did not reply.
    Free, encrypted, secure Web-based email at www.hushmail.com