BID:12794

Spinworks Application Server Remote Denial Of Service Vulnerability

Info

Spinworks Application Server Remote Denial Of Service Vulnerability

Bugtraq ID:	12794
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Mar 14 2005 12:00AM
Updated:	Mar 14 2005 12:00AM
Credit:	DR_Insane is credited with the discovery of this issue.
Vulnerable:	Spinworks Application Server 3.0

Not Vulnerable:

Discussion

Spinworks Application Server Remote Denial Of Service Vulnerability

A remote denial of service vulnerability affects Spinworks Application Server. This issue is due to a failure of the application to properly handle malformed requests.

An attacker may leverage this issue to trigger a denial of service condition in the affected software.

Exploit / POC

Spinworks Application Server Remote Denial Of Service Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

http://www.example.com:5002/?sid=.

Solution / Fix

Spinworks Application Server Remote Denial Of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

References

Spinworks Application Server Remote Denial Of Service Vulnerability

References:

Spinworks Application Server Home Page (Spinworks)