Fwd: OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability

2004-12-16T00:00:00
ID SECURITYVULNS:DOC:7360
Type securityvulns
Reporter Securityvulns
Modified 2004-12-16T00:00:00

Description

From: dila <dilabox@gmail.com> Date: Wed, 15 Dec 2004 02:27:40 +0000 Subject: OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability To: full-disclosure@lists.netsys.com, bugtraq@securityfocus.com

13.12.04 OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability

The vulnerability is caused due to an error in the handling of large requests. This can e.g. be exploited to potentially cause a vulnerable server to stop responding or function correctly by sending a large amount of POST requests to "/Search" over multiple connections.

The vulnerability has been reported in version 7.1 and 8.0. Other versions may also be affected.

SecurityFocus Advisory: http://securityfocus.com/bid/11877/

Secunia Advisory: http://secunia.com/advisories/13415/

Credit: XWaRloRDX & DiLA