Sapio WebReflex GET Denial Of Service Vulnerability
BID:2425
Info
Sapio WebReflex GET Denial Of Service Vulnerability
| Bugtraq ID: | 2425 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2001-0298 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 27 2001 12:00AM |
| Updated: | Jul 11 2009 04:46AM |
| Credit: | This vulnerability was announced to Bugtraq by [email protected] on February 27, 2001. |
| Vulnerable: |
Sapio Design Ltd. WebReflex 1.55 |
| Not Vulnerable: | |
Discussion
Sapio WebReflex GET Denial Of Service Vulnerability
WebReflex is a software package designed to operate a HTTP server off a cdrom, providing web hosting on Microsoft Windows systems. It is written and maintained by Sapio Design Ltd.
A problem with the software could allow a denial of service to legitimate users. By issuing an excessively long HTTP GET request to the web server, the server becomes unstable and exits with a General Protection Fault. It may also be possible to execute arbitrary code, although this claim is unverified.
It is possible for a malicious remote user may take advantage of this vulnerability to deny service to legitimate users.
WebReflex is a software package designed to operate a HTTP server off a cdrom, providing web hosting on Microsoft Windows systems. It is written and maintained by Sapio Design Ltd.
A problem with the software could allow a denial of service to legitimate users. By issuing an excessively long HTTP GET request to the web server, the server becomes unstable and exits with a General Protection Fault. It may also be possible to execute arbitrary code, although this claim is unverified.
It is possible for a malicious remote user may take advantage of this vulnerability to deny service to legitimate users.
Solution / Fix
Sapio WebReflex GET Denial Of Service Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Sapio WebReflex GET Denial Of Service Vulnerability
References:
References: