MaxDB webdbm Server Field DoS

2004-10-07T06:38:33
ID OSVDB:10532
Type osvdb
Reporter Patrik Karlsson(patrik@cqure.net)
Modified 2004-10-07T06:38:33

Description

Vulnerability Description

MaxDB webdmn contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted HTTP request containing a value higher than 0x7F in the "Server" field is sent, and will result in loss of availability for the web agent component of MaxDB.

Solution Description

Upgrade to version 7.5.00.18 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

MaxDB webdmn contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted HTTP request containing a value higher than 0x7F in the "Server" field is sent, and will result in loss of availability for the web agent component of MaxDB.

References:

Secunia Advisory ID:12756 Other Advisory URL: http://www.idefense.com/application/poi/display?id=150&type=vulnerabilities Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0144.html CVE-2004-0931