3803 : Web Crossing Content-Length Header DoS
Printer | http://osvdb.org/3803 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

11 months ago

Percent Complete

100%

Disclosure

Feb 03, 2004

Discovery

Feb 03, 2004

Dates

Exploit

Feb 03, 2004

Solution

Unknown

Description

Web Crossing Server contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted URL is sent to the server with a large or negative Content-Length, and will result in loss of availability for the service.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Web Crossing, Inc.	Web Crossing Server	4.0
		4.1
		5.0

References

Secunia Advisory ID: 10781
ISS X-Force ID: 15022
CVE ID: 2004-0245 (see also: NVD)
Bugtraq ID: 9576
Generic Exploit URL: http://downloads.securityfocus.com/vulnerabilities/exploits/web-crossing-exp.pl
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107586518120516&w=2
Other Advisory URL: http://www.elitehaven.net/webxdos.txt
Vendor URL: http://www.webcrossing.com/Home/

Credit

Peter Winter-Smith - peter4020hotmail.com - EliteHaven

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Web Crossing, Inc.

Web Crossing Server

References

Credit

Blogs

Comments