Reported August 11, 2004, by
A Denial of Service (DoS) condition exists in Sygate Secure Enterprise 3.5 and earlier. Sygate Secure Enterprise uses HTTP to communicate with the Sygate Security Agent clients. These exchanges don't implement any form of replay protection, so an attacker can simply send repeated requests until all the resources on the host are exhausted.
The vendor, Sygate, has released a fix—3.5MR3—for this problem.
Discovered by Martin O'Neal.