ActivePost Standard file-server Filename Overflow DoS

2004-09-23T02:24:47
ID OSVDB:10233
Type osvdb
Reporter Luigi Auriemma(aluigi@autistici.org)
Modified 2004-09-23T02:24:47

Description

Vulnerability Description

ActivePost Standard contains a flaw that may allow a remote denial of service. The issue is triggered when a filename longer than 4074 characters is supplied, and will result in loss of availability for the service.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

ActivePost Standard contains a flaw that may allow a remote denial of service. The issue is triggered when a filename longer than 4074 characters is supplied, and will result in loss of availability for the service.

References:

Vendor Specific Solution URL: http://www.activepost.net/ Security Tracker: 1011406 Secunia Advisory ID:12642 Related OSVDB ID: 10236 Related OSVDB ID: 10235 Related OSVDB ID: 10234 Other Advisory URL: http://aluigi.altervista.org/adv/actp-adv.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0852.html Keyword: TCP Port 6004 Generic Exploit URL: http://aluigi.altervista.org/poc/actpboom.zip CVE-2004-1547