OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Patrik Karlsson (patrik.karlssonse.pwcglobal.com)
Date: Wed May 08 2002 - 05:08:52 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    cqure.net Security Vulnerability Report
    No: cqure.net.20020408.netware_nwftpd.a
    ========================================

    Vulnerability Summary
    ---------------------
    Problem: The Netware FTP server has a DOS vulnerability.

    Threat: An attacker could cause the server cpu to spike
                       at 100% cpu hogging the server and causing a DOS,
                       preventing legitimate users access to the server.

    Affected Software: Netware FTP server.

    Platform: Netware 6.0 SP 1 verified.

    Solution: Install patch from Novell as soon as it becomes
                       available.

    Vulnerability Description
    -------------------------
    An attacker could cause the server to spike at 100% cpu, prohibiting
    legitime users to access the server. This is done by connecting to the
    server using netcat or telnet and simply typing an enter. Due to the
    impact of this issue, it is not recommended to have unprotected ftp
    servers on public networks. Since there is no patch yet, we urge you
    to shutdown the ftp server or filter incoming connections as soon as
    possible.

    Solution
    --------
    Disable the ftp server or make sure only trusted people can connect
    to it by filtering incoming connections.

    Install patch from Novell as soon as it becomes available.

    Additional Information
    ----------------------
    Novell was contacted 20020408 but has not yet responded to the issue.

    This vulnerability was found and researched by
    Patrik Karlsson & Jonas Lšndin
    patrik.karlssonse.pwcglobal.com
    jonas.landinixsecurity.com

    This document is also available at: http://www.cqure.net/advisories/