KPMG-2002028: Sitespring Server Denial of Service

2002-07-02T00:00:00
ID SECURITYVULNS:DOC:3164
Type securityvulns
Reporter Securityvulns
Modified 2002-07-02T00:00:00

Description


Title: Sitespring Server Denial of Service

BUG-ID: 2002028 Released: 01st Jul 2002


Problem:

A malicious user with access to the Sitespring database engine port can crash both the runtime database engine and the Sitespring web service.

Vulnerable:

  • Sitespring 1.2.0(277.1) using Sybase runtime engine v7.0.2.1480

Details:

If the sybase database engine receives 1077 x chr(2) + \r\n\r\n it crashes. The web service will crash shortly after the database engine stops.

Vendor URL:

You can visit the vendor webpage here: http://www.macromedia.com

Vendor Response:

This was reported to the vendor on the 16th of April, 2002. There is currently no scheduled patch for this vulnerability. Vendor support for Sitespring is planned to end May, 2004.

Corrective action:

Apply IP filtering to the Sitespring server, so only the local host is allowed to connect to TCP port 2500.

On Win2000 or WinXP this can be done using the built-in IP filter functionality.

Author: Peter Gründl (pgrundl@kpmg.dk)


KPMG is not responsible for the misuse of the information we provide through our security advisories. These advisories are a service to the professional security community. In no event shall KPMG be lia- ble for any consequences whatsoever arising out of or in connection with the use or spread of this information.