Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:4442
HistoryApr 25, 2003 - 12:00 a.m.

Positive Technologies SA2003-0310: DoS-attack in VisNetic ActiveDefense

2003-04-2500:00:00
vulners.com
8
JSON
           Positive Technologies Security Advisory
                 http://www.ptsecurity.com


    Title: DoS-attack in VisNetic ActiveDefense
     Date: March, 10 2003
 Severity: High

Application: VisNetic ActiveDefense 1.3.1 and early
Platform: Windows 95/98/ME/NT/2000/XP
Vendor Status: Notified, patched

I. DESCRIPTION

A DoS attack vulnerability was reported in VisNetic ActiveDefense 1.3.1.
Positive Technologies reported that the long request sent to Microsoft IIS
through VisNetic ActiveDefense

GET /xxx…xx.htm HTTP/1.0,

where buffer consists of 90 packets (the length of each packet is 100 bytes),
totally blocks computer.

For check this vulnerability you can use http://www.ptsecurity.com/tools/PTvad.zip

II. IMPACT

Long request blocks entire computer. Just cold restart is possible (Reset button).

III. SOLUTION

Install patch
http://www.deerfield.com/download/visnetic_activedefense/

IV. VENDOR FIX/RESPONSE

Vendor was notified on 14.04.2003.

V. CREDIT

Positive Technologies is information security company especially focused on
protection of corporate networks from external attacks. The main trend of
PT’s activity is computer networks security audit and service. PT offers
wide range of services in the filed of information security: from network
architecture development or optimization to consulting and custom software
source-code examination.

JSON