Skip navigation
Menu
Security

Netscape Servers Vulnerable to DoS Attack


 Reported October 31, 2000 by CORE SDI

VERSIONS AFFECTED
  • Netscape Certificate Management System 4.2
  • Netscape Directory Server 4.12

DESCRIPTION

A problem with multiple components of the Netscape Server suite allows a malicious attacker to conduct denial of service attacks on systems running Netscape Server software.  

DEMONSTRATION

By sending the following URL to the listening Directory Services Gateway TCP Port on a server running Netscape Directory Server or Netscape Certificate Management System a malicious user can cause an exception error and the system will stop responding.

http://systemrunningnetscape:24326/dsgw/bin/search?context=%

VENDOR RESPONSE

Unfortunately, Netscape Communications/AOL has been very unresponsive about this issue.  The vendor has been notified by multiple parties but no public response has been given.

CREDIT
Discovered by CORE SDI
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Red Hat Summit logo sign
Red Hat Touts New Automation, AI, and Security Tools
May 23, 2023
ukraine and russia flags on broken cement
NSA Gives Assessment of Cyber Threats from Russia, China, and AI
May 05, 2023
zero trust
Zero Trust Implementation for Government Agencies Starts with Cultural Change
May 02, 2023
Google logo on building
AI Pioneer Quits Google to Warn Humanity of the Tech's Existential Threat
May 02, 2023