标题: NetworkActiv Web Server DoS [打印本页] 作者: 韩冰 时间: 2004-10-6 09:52 标题: NetworkActiv Web Server DoS Summary</B>NetworkActiv Web Server is a "simple and easy to use web server (HTTP server)".$ V! @) t) H0 R( `
0 ]+ f% Z- C; ?! o5 f& v; k/ p0 ?
A remote user can supply an HTTP GET request with the %25 [%] string to server, causing it to consume all available CPU resources.( r8 Z! |2 m Q1 w, H# s
) @- j& q) c; u2 h* q
Details</B><B>Vulnerable Systems:</B>9 T/ }) I& b2 F% }! q# z( d1 N3 V
* NetworkActiv Web Server 1.0 prior to 28 September 2004 - V9 `0 S8 e5 |7 M5 x* p9 ]% B0 _
<B>Immune Systems:</B> " J/ } W9 @" Z( ~, F1 P9 a: O * NetworkActiv Web Server 1.0 after 28 September 2004 4 M9 x4 U3 J! _ @) s- [! H * k$ A6 x% c6 [ w+ c& {/ j$ x<B>Vendor response:</B># d; i4 q7 ^; A6 a
The vendor has issued a fix to prevent the vulnerability from happening. ( l9 R* }2 p9 k# K5 b; d/ Y! p3 E( u; v# f; k/ t4 a
Additional information</B>The information has been provided by GSS IT.