Activity Monitor 2002 Long String DoS

2003-05-29T10:22:03
ID OSVDB:4764
Type osvdb
Reporter Luca Ercoli(luca.ercoli@inwind.it)
Modified 2003-05-29T10:22:03

Description

Vulnerability Description

Activity Monitor 2002 contains a flaw that may allow a remote denial of service. By connecting to TCP port 15163 and sending an overly long string, a remote attacker could consume all available CPU resources and cause the application to crash resulting in loss of availability for the application.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Activity Monitor 2002 contains a flaw that may allow a remote denial of service. By connecting to TCP port 15163 and sending an overly long string, a remote attacker could consume all available CPU resources and cause the application to crash resulting in loss of availability for the application.

References:

Vendor URL: http://www.softactivity.com/ Security Tracker: 1006883 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-05/0317.html ISS X-Force ID: 12112 Bugtraq ID: 7748