[ Advisory for SimpleServer:WWW (analogX) ] [ SimpleServer:WWW is made by Analogx. Site: http://www.analogx.com ] [ by nemesystm of the DHC ] [ (http://dhcorp.cjb.net - email@example.com) ] [ ADV-0103 ]
/-|=[explanation]=|-\ SimpleServer:WWW is a webserver. It has a simple denial of service problem.
/-|=[who is vulnerable]=|-\ Tested to be vulnerable: SimpleServer:WWW v1.03 SimpleServer:WWW v1.05 SimpleServer:WWW v1.08 This only affects computers running Windows Millennium or Windows 98. I assume any version between v1.03 and v.108 will be vulnerable to this as well.
/-|=[testing it]=|-\ To test this vulnerability, try the following. www.server.com/aux Wait until you are sure this is sent to the server (timeout can take a while). Then try to refresh www.server.com. It should be down.
/-|=[fix]=|-\ After notifying AnalogX about this bug a new version was released the same day. Download version 1.13 to fix this problem. Thanks to Mark for a extremely quick reply. Free, encrypted, secure Web-based email at www.hushmail.com