ProjectForum & CourseForum long find DoS

2003-12-23T09:26:38
ID OSVDB:3161
Type osvdb
Reporter OSVDB
Modified 2003-12-23T09:26:38

Description

Vulnerability Description

CourseForum contains a flaw that may allow a remote denial of service. The issue is triggered when the atatcker sends too long "find" string to the product. This causes courseforum.exe to crash and stop responding to the client requests.

ProjectForum is also effected as it uses the same engine as CourseForum.

Technical Description

The code causing this security issue lies in sub procedure/function 0040C4A0.

Solution Description

By filtering the TCP port 3455, administrator can lock out untrusted parties from accessing the service.

Short Description

CourseForum contains a flaw that may allow a remote denial of service. The issue is triggered when the atatcker sends too long "find" string to the product. This causes courseforum.exe to crash and stop responding to the client requests.

ProjectForum is also effected as it uses the same engine as CourseForum.

References:

Vendor URL: http://www.projectforum.com/courseforum/ Secunia Advisory ID:10488 Other Advisory URL: http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0072.html ISS X-Force ID: 14062 Generic Informational URL: http://www.elitehaven.net/pfbugs.txt Bugtraq ID: 9271