标题: NetworkActiv Web Server DoS [打印本页] 作者: 韩冰 时间: 2004-10-6 09:52 标题: NetworkActiv Web Server DoS Summary</B>NetworkActiv Web Server is a "simple and easy to use web server (HTTP server)". 0 L% k {7 M' f2 q( [% D/ m: Q1 \- } @! Q4 w
A remote user can supply an HTTP GET request with the %25 [%] string to server, causing it to consume all available CPU resources. x. H3 t* g: |; W4 `$ W 8 }* L% B7 ?$ Q, Y6 F Details</B><B>Vulnerable Systems:</B>! d& ~4 |* U+ A# i1 o/ G4 d+ ?# ^
* NetworkActiv Web Server 1.0 prior to 28 September 2004 . ~, ^1 X3 `) P/ U% C |# f0 m% W+ H5 {) E8 ~$ c7 {9 |6 x
<B>Immune Systems:</B>7 Z6 k4 |3 q& ]1 }
* NetworkActiv Web Server 1.0 after 28 September 2004* e/ s) f8 t3 I4 @& ^/ D
m& q( |* _+ `- M+ `. K
<B>Vendor response:</B> 8 \. L! M0 B6 p3 a( kThe vendor has issued a fix to prevent the vulnerability from happening. 6 g m; {; m( g) X0 [, b3 X7 w: r% v. F) \) z' v3 k9 a; B
Additional information</B>The information has been provided by GSS IT.