SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Server/CGI)  >   WebSite Pro Vendors:   O'Reilly
O'Reilly WebSite Pro's Remote Manager Service Can Be Crashed Via the Network
SecurityTracker Alert ID:  1001188
SecurityTracker URL:  http://securitytracker.com/id/1001188
CVE Reference:   CVE-2001-0394   (Links to External Site)
Updated:  Apr 26 2004
Original Entry Date:  Mar 28 2001
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 3.0.37
Description:   Defcom Labs released an advisory (def-2001-15) describing a denial of service vulnerability in the O'Reilly WebSite Pro's remote manager service.

The remote manager service, which runs by default on port 9999, will reportedly leak memory if non-authenticated requests are repeatedly made to the /dyn/ directory and will eventually crash.

An example request:
GET /dyn/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx HTTP/1.0
host: 10.0.0.1

The vendor has been contacted.

Note that on March 6, 2001, Tim O'Reilly announced that O'Reilly software will not continue with further development of its products, but that its products will continue to be supported and sold.

Impact:   A remote user with access to the server's remote service port could cause the server to crash.
Solution:   No solution was available at the time of this entry. The author of the advisory recommends that users disallow access to the remote manager service from untrusted networks (the service runs on TCP port 9999 by default).
Vendor URL:  website.oreilly.com/ (Links to External Site)
Cause:   Resource error
Underlying OS:  Windows (NT), Windows (98), Windows (2000)

Message History:   None.


 Source Message Contents

Subject:  def-2001-15: Website Pro Remote Manager DoS


======================================================================
                  Defcom Labs Advisory def-2001-15

                   Website Pro Remote Manager DoS

Release Date: 2001-03-28
======================================================================
------------------------=[Brief Description]=-------------------------
The remote manager service contains a flaw that allows an attacker to
cause the service to crash.

------------------------=[Affected Systems]=--------------------------
- Website Pro/3.0.37

----------------------=[Detailed Description]=------------------------
The remote manager service (default on port 9999) will leak memory if
non-authenticated requests are repeatedly made to the /dyn/ directory
and will eventually get killed by the OS.

eg:
GET /dyn/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx HTTP/1.0
host: 10.0.0.1

---------------------------=[Workaround]=-----------------------------
Disallow access to the remote manager service from untrusted networks.
The service is on TCP port 9999 by default.

-------------------------=[Vendor Response]=--------------------------
This issue was brought to the vendor's attention on the 21st of
February, 2001 and although the vendor has been contacted repeatedly
no workaround or fix has been received to this date.

======================================================================
            This release was brought to you by Defcom Labs

              labs@defcom.com             www.defcom.com
======================================================================

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC