[NT] Twilight Utilities Denial of Service Vulnerability (TW-WebServer)

2003-04-21T00:00:00
ID SECURITYVULNS:DOC:4411
Type securityvulns
Reporter Securityvulns
Modified 2003-04-21T00:00:00

Description

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion

In the US?

Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also welcome ISPs and other resellers!

Please contact us at: 323-882-8286 or ussales@beyondsecurity.com


Twilight Utilities Denial of Service Vulnerability (TW-WebServer)

SUMMARY

<http://www.twilightutilities.com/WebServer.html> Twilight Utilities Web Server is a "completely new Modem Ready Internet Web Server". A denial of service vulnerability in the product has been found, allowing a remote attacker to cause the server to no longer service legitimate users.

DETAILS

Vulnerable systems: * Twilight Utilities TW-WebServer version 1.3.2.0

By sending a long GET request (More than 4096 characters), an attacker can cause the server to shutdown.

ADDITIONAL INFORMATION

The information has been provided by
<mailto:badpack3t@security-protocols.com> badpack3t.

========================================

This bulletin is sent to members of the SecuriTeam mailing list. To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================

DISCLAIMER: The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.