Info

Disclosure

Sep 18, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

VP-ASP contains a flaw that may allow a remote denial of service. The issue is triggered when an user uses shoprestoreorder.asp to restore a previous order and will result in loss of availability for the database.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, VP-ASP has released a patch to address this vulnerability.

Products

VP-ASP

5.0

References

Security Tracker: 1011359
Bugtraq ID: 11228
Secunia Advisory ID: 12611
ISS X-Force ID: 17436
CVE ID: 2004-2164 (see also: NVD)
Vendor URL: http://www.vpasp.com/
Vendor Specific Advisory URL: http://www.vpasp.com/virtprog/info/faq_securityfixes.htm

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218