Annex DoS


Date: Sat, 25 Jul 1998 20:10:21 -0400
From: Albert Nubdy <formatez@EDUREDES.EDU.DO>
To: BUGTRAQ@NETSPACE.ORG
Subject: Annex DoS

-----BEGIN PGP SIGNED MESSAGE-----

                               Redes2 Security Team
                                --------------------
                                   .DO Underground


PROBLEM
=======

  We have found several DoS attacks against Annex terminal servers
from xylogics(bay).


DETAILS
=======

  The first attack is about the ping program on the webserver. They
designed the /ping program to take only 64 chars in the hostname part.
They kept ppl from inserting more than 64 by limiting it in the page on
the webserver (/ping.html). But if you do a:
http://annex.server.here/ping?query=a lot of aaaaaa's here (more than 64)
then the annex server goes BOOM!

  The second attack is with the land attack. Maybe when they tried the
land attack on the annex servers they thought it didn't work. But it
does... The problem is that when you do 1 land attack the CPU only
rises 50 percent. Now if you do 2 land attacks consecutively then the
annex server freezes because the CPU rises to 100%. I didn't make any
programs for this because you only have to do a shell script that
executes your land program at least two or three times.

FIX
===

  We notified Bay a month ago. They have not responded yet.


Credits:
wh0is, speed1, lizard.

========================================|
Albert Nubdy | formatez@eduredes.edu.do |
FormateZ@undernet                       |
- ----------------------------------------|
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>;

iQA/AwUBNbqefVRmALifgPyqEQIvLACeOPojXC2FqVgsO688XIBGINVNEDMAnR5r
WpUM+RDMkvaCMEmMkzqVNt5h
=HPOk
-----END PGP SIGNATURE-----
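
Added example, not part of the original post: a monitoring sketch that flags the two conditions the advisory describes, a /ping request whose query= value exceeds the 64-character limit and repeated land-style packets (TCP SYN with identical source and destination address and port) aimed at one host. The flow-log line format, the function names and all sample data are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

MAX_HOST_LEN = 64  # hostname limit the advisory says only /ping.html enforces
# Assumed (constructed) flow-log format: "TCP src:port > dst:port FLAGS"
FLOW_RE = re.compile(r"^TCP (\S+):(\d+) > (\S+):(\d+) (\S+)$")

def oversized_ping_query(request_line):
    """True if the request targets /ping with a raw query= value over 64 chars."""
    _, _, rest = request_line.partition(" ")
    target = rest.rsplit(" HTTP/", 1)[0]  # tolerate unencoded spaces in the target
    url = urlsplit(target)
    if url.path != "/ping":
        return False
    for pair in url.query.split("&"):
        key, _, value = pair.partition("=")
        # Raw (undecoded) length is the conservative measure.
        if key == "query" and len(value) > MAX_HOST_LEN:
            return True
    return False

def land_counts(flow_lines):
    """Count SYNs whose source address and port equal the destination's, per target."""
    hits = Counter()
    for line in flow_lines:
        m = FLOW_RE.match(line.strip())
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if src == dst and sport == dport and "S" in flags:
            hits[dst] += 1
    return hits

# Constructed sample data, not taken from a real device.
SAMPLE_REQUESTS = [
    "GET /ping?query=host.example.net HTTP/1.0",
    "GET /ping?query=" + "a" * 200 + " HTTP/1.0",
    "GET /index.html HTTP/1.0",
]
SAMPLE_FLOWS = [
    "TCP 198.51.100.7:1025 > 192.0.2.10:23 S",
    "TCP 192.0.2.10:23 > 192.0.2.10:23 S",
    "TCP 192.0.2.10:23 > 192.0.2.10:23 S",
]

if __name__ == "__main__":
    print([oversized_ping_query(r) for r in SAMPLE_REQUESTS])
    print(dict(land_counts(SAMPLE_FLOWS)))
```

A count of two or more for one target matches the condition the post says freezes the server; a single hit is still worth an alert, and dropping packets whose source equals their destination at the network edge removes the need to count at all.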
