[NT] Twilight Utilities Denial of Service Vulnerability (TW-WebServer)

Type securityvulns
Reporter Securityvulns
Modified 2003-04-21T00:00:00


The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion

In the US?

Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also welcome ISPs and other resellers!

Please contact us at: 323-882-8286 or ussales@beyondsecurity.com

Twilight Utilities Denial of Service Vulnerability (TW-WebServer)


<http://www.twilightutilities.com/WebServer.html> Twilight Utilities Web Server is a "completely new Modem Ready Internet Web Server". A denial of service vulnerability in the product has been found, allowing a remote attacker to cause the server to no longer service legitimate users.


Vulnerable systems: * Twilight Utilities TW-WebServer version

By sending a long GET request (More than 4096 characters), an attacker can cause the server to shutdown.


The information has been provided by
<mailto:badpack3t@security-protocols.com> badpack3t.


This bulletin is sent to members of the SecuriTeam mailing list. To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com


DISCLAIMER: The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.