标题: NetworkActiv Web Server DoS [打印本页] 作者: 韩冰 时间: 2004-10-6 09:52 标题: NetworkActiv Web Server DoS Summary</B>NetworkActiv Web Server is a "simple and easy to use web server (HTTP server)".0 q x& G$ P) U! H! k9 z4 A% l/ A
% e8 M. J" f7 k) d6 P& s
A remote user can supply an HTTP GET request with the %25 [%] string to server, causing it to consume all available CPU resources. 3 d2 [0 ?( b6 `* L- O. k1 X7 v4 |. [3 X) Z# O, u$ @4 u) Z
Details</B><B>Vulnerable Systems:</B> B: j( M3 @& ?2 q% n( p7 H
* NetworkActiv Web Server 1.0 prior to 28 September 2004 ) z" m+ S3 ^$ X/ G8 M; P! L2 _( o ( {3 ]7 y8 H; U1 q* A( q' {<B>Immune Systems:</B>7 A. |& _' Z. J4 D
* NetworkActiv Web Server 1.0 after 28 September 2004 G6 M: |9 k) c: r# G' g0 S+ S 8 y" R% b5 D3 n: D+ ?! X9 }8 V, }<B>Vendor response:</B> 8 n0 x+ O) o# V. ]$ z4 N7 gThe vendor has issued a fix to prevent the vulnerability from happening. - G" m& p, T0 D4 w / w* B0 f5 Z7 I Z: U" F& S4 ? Additional information</B>The information has been provided by GSS IT.