Bugtraq mailing list archives
Followup to MetaInfo vulnerabilities
From: jeff () WIRETRIP NET (Jeff Forristal)
Date: Fri, 3 Jul 1998 10:08:08 -0500
Shortly after releasing the public bugtraq post, I was contacted by MetaInfo regarding the problem and was told that they had just put a patch online, available, with instructions, at www.metainfo.com/download. While this patch corrected the problem of transversal into higher levels of the filesystem, it was still open to another kind of DoS attack. If an attacker was to send a GET request to MetaWeb server that contained around 8K of characters, the MetaWeb server process would spike to 100% CPU utilization, and stay there indefinately. Example: http://mail.server.com:5000/index.htm?<insert 8K of characters here> This would put the server in an unstable state; now, a regular request will cause to to spike and hang: http://mail.server.com:5000/ MetaInfo was contacted about this problem as well; they released a patch to fix this problem. You can download a copy from www.forristech.com, or check to see if it's available on MetaInfo's site yet. -Jeff Forristal
Current thread:
- Followup to MetaInfo vulnerabilities Jeff Forristal (Jul 03)