Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Patrik Karlsson (patrik.karlssonse.pwcglobal.com)
Date: Wed May 08 2002 - 05:08:52 CDT
cqure.net Security Vulnerability Report
Problem: The Netware FTP server has a DOS vulnerability.
Threat: An attacker could cause the server cpu to spike
at 100% cpu hogging the server and causing a DOS,
preventing legitimate users access to the server.
Affected Software: Netware FTP server.
Platform: Netware 6.0 SP 1 verified.
Solution: Install patch from Novell as soon as it becomes
An attacker could cause the server to spike at 100% cpu, prohibiting
legitime users to access the server. This is done by connecting to the
server using netcat or telnet and simply typing an enter. Due to the
impact of this issue, it is not recommended to have unprotected ftp
servers on public networks. Since there is no patch yet, we urge you
to shutdown the ftp server or filter incoming connections as soon as
Disable the ftp server or make sure only trusted people can connect
to it by filtering incoming connections.
Install patch from Novell as soon as it becomes available.
Novell was contacted 20020408 but has not yet responded to the issue.
This vulnerability was found and researched by
Patrik Karlsson & Jonas Lšndin
This document is also available at: http://www.cqure.net/advisories/