|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability
From: dila (dilabox
gmail.com)
Date: Tue Dec 14 2004 - 20:27:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
13.12.04
OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability
The vulnerability is caused due to an error in the handling of large
requests. This can e.g. be exploited to potentially cause a vulnerable
server to stop responding or function correctly by sending a large
amount of POST requests to "/Search" over multiple connections.
The vulnerability has been reported in version 7.1 and 8.0. Other
versions may also be affected.
SecurityFocus Advisory:
http://securityfocus.com/bid/11877/
Secunia Advisory:
http://secunia.com/advisories/13415/
Credit: XWaRloRDX & DiLA
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]