Running under Windows 2000 Workstation SP1, FUR HTTP Server 1.0b is vulnerable to a denial of service attack. DEMONSTRATION An attacker can cause FUR HTTP Server 1.0b to crash with an invalid procedure call by connecting to port 80 and sending 3k of data as a GET string. VENDOR RESPONSE According to Delphis Consulting the vendor has been informed and at this time does not have a solution for this issue. CREDIT |
0 comments
Hide comments