| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Dec 2004 02:27:40 +0000 From: dila <dilabox@...il.com> To: full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com Subject: OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability 13.12.04 OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability The vulnerability is caused due to an error in the handling of large requests. This can e.g. be exploited to potentially cause a vulnerable server to stop responding or function correctly by sending a large amount of POST requests to "/Search" over multiple connections. The vulnerability has been reported in version 7.1 and 8.0. Other versions may also be affected. SecurityFocus Advisory: http://securityfocus.com/bid/11877/ Secunia Advisory: http://secunia.com/advisories/13415/ Credit: XWaRloRDX & DiLA _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists