Home page logo

bugtraq logo Bugtraq mailing list archives

[SAFER] Security Bulletin 010125.DOS.1.5
From: Security Research Team <security () RELAYGROUP COM>
Date: Thu, 25 Jan 2001 19:04:34 +0700


      S.A.F.E.R. Security Bulletin 010125.DOS.1.5

TITLE    : Netscape Enterprise Server - REVLOG request problem
DATE     : January 25, 2001
NATURE   : Denial-of-Service
AFFECTED : Netscape Enterprise Server 3.x with Web Publishing enabled


Problems exists that allows remote user to crash Netscape Enterprise Server.


It is possible to crash Netscape Enterprise Server by issuing:


Request might be repeated few times in order to crash NES completely.


Netscape has been contacted on multiple occasions. First time, more than a year ago.

Although other problems we have reported have been fixed, we have received no response for this issue - to date.

Workaround is to disable Web Publishing, or disable REVLOG request.


Vanja Hrustic <vanja () relaygroup com>
Fyodor Yarochkin <fyodor () relaygroup com>
Emmanuel Gadaix <emmanuel () relaygroup com>

This advisory is also available at http://www.safermag.com/advisories/


   S.A.F.E.R. - Security Alert For Enterprise Resources
          Copyright (c) 2001 The Relay Group
  http://www.safermag.com  ----  security () relaygroup com

  By Date           By Thread  

Current thread:
  • [SAFER] Security Bulletin 010125.DOS.1.5 Security Research Team (Jan 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]