Community Server Pingback SourceURI Denial Of Service and Information Disclosure Vulnerability
BID:22221
Info
| Bugtraq ID: | 22221 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2007 12:00AM |
| Updated: | Oct 14 2010 05:49PM |
| Credit: | Blake Matheny. |
| Vulnerable: | Telligent Systems Community Server 2.1 |
| Not Vulnerable: | |
Discussion
Community Server is prone to a denial-of-service vulnerability and an information-disclosure vulnerability.
Attackers can exploit these issues to consume memory and bandwidth resources, denying service to legitimate users, or to gain information that may aid in further attacks.
Community Server 2.1 and prior versions are vulnerable to these issues.
Exploit / POC
An attacker can exploit these issues via a web client.
Solution / Fix
Solution:
A vendor patch is available. Please see the references for updates.
References
References:
- Community Server Web Site (Telligent Systems)
- DoS against Telligent Community Server ([email protected])
- Weaknesses in Pingback Design (Blake Matheny)