Advisory for SimpleServer:WWW (analogX)

2001-04-18T00:00:00
ID SECURITYVULNS:DOC:1522
Type securityvulns
Reporter Securityvulns
Modified 2001-04-18T00:00:00

Description

[ Advisory for SimpleServer:WWW (analogX) ] [ SimpleServer:WWW is made by Analogx. Site: http://www.analogx.com ] [ by nemesystm of the DHC ] [ (http://dhcorp.cjb.net - neme-dhc@hushmail.com) ] [ ADV-0103 ]

/-|=[explanation]=|-\ SimpleServer:WWW is a webserver. It has a simple denial of service problem.

/-|=[who is vulnerable]=|-\ Tested to be vulnerable: SimpleServer:WWW v1.03 SimpleServer:WWW v1.05 SimpleServer:WWW v1.08 This only affects computers running Windows Millennium or Windows 98. I assume any version between v1.03 and v.108 will be vulnerable to this as well.

/-|=[testing it]=|-\ To test this vulnerability, try the following. www.server.com/aux Wait until you are sure this is sent to the server (timeout can take a while). Then try to refresh www.server.com. It should be down.

/-|=[fix]=|-\ After notifying AnalogX about this bug a new version was released the same day. Download version 1.13 to fix this problem. Thanks to Mark for a extremely quick reply. Free, encrypted, secure Web-based email at www.hushmail.com