标题: NetworkActiv Web Server DoS [打印本页] 作者: 韩冰 时间: 2004-10-6 09:52 标题: NetworkActiv Web Server DoS Summary</B>NetworkActiv Web Server is a "simple and easy to use web server (HTTP server)". : X3 G) k+ I- u: J6 t5 s- O9 K& F0 ` ?
A remote user can supply an HTTP GET request with the %25 [%] string to server, causing it to consume all available CPU resources. 8 k1 h# ~6 {( W6 r& o' h( l' L9 {4 b8 [7 s# q
Details</B><B>Vulnerable Systems:</B>1 y% r% N- r. D: L
* NetworkActiv Web Server 1.0 prior to 28 September 2004 - q4 \0 }- s1 F+ m" k" _6 s7 A % d3 J1 j8 C) w; y% K<B>Immune Systems:</B>' W( X" q1 D6 \" x+ V! ]
* NetworkActiv Web Server 1.0 after 28 September 2004: ^( m/ K$ h) U, o, c+ [
/ K) l1 S0 J6 `
<B>Vendor response:</B> 8 q1 Y+ P0 ?8 B3 P- [5 }+ g( @The vendor has issued a fix to prevent the vulnerability from happening.$ z" B0 |3 g, d) f; ?
6 k) D, b1 H6 t8 S' G Additional information</B>The information has been provided by GSS IT.