logo Home

Untitled Document

Home > Archives Advisories > Articles


Untitled Document

Untitled Document

DoS-attack in VisNetic ActiveDefense
Date: 2003-04-27

Author : Positive Technologies Security Advisory - http://www.ptsecurity.com


Title: DoS-attack in VisNetic ActiveDefense
Date: March, 10 2003
Severity: High
Application: VisNetic ActiveDefense 1.3.1 and early
Platform: Windows 95/98/ME/NT/2000/XP
Vendor Status: Notified, patched

I. DESCRIPTION

---------------

A DoS attack vulnerability was reported in VisNetic ActiveDefense 1.3.1.
Positive Technologies reported that the long request sent to Microsoft IIS
through VisNetic ActiveDefense

GET /xxx...xx.htm HTTP/1.0,

where buffer consists of 90 packets (the length of each packet is 100 bytes),
totally blocks computer.

For check this vulnerability you can use http://www.ptsecurity.com/tools/PTvad.zip

II. IMPACT

---------------

Long request blocks entire computer. Just cold restart is possible (Reset button).


III. SOLUTION

---------------

Install patch
http://www.deerfield.com/download/visnetic_activedefense/


IV. VENDOR FIX/RESPONSE

---------------

Vendor was notified on 14.04.2003.


V. CREDIT

---------------

Positive Technologies is information security company especially focused on
protection of corporate networks from external attacks. The main trend of
PT’s activity is computer networks security audit and service. PT offers
wide range of services in the filed of information security: from network
architecture development or optimization to consulting and custom software
source-code examination.



 

arrowSearch Advisories

arrowNewsletter

Free weekly Newsletter.

Please enter your email address here:
arrowReport Vulnerability

If you've found a vulnerability please
click here to report it.
arrowPartners

newsnow

About Us | Contact Us | Advertise | email | Backend flag
Copyright © 2016-2017 Security Corporation - All Rights Reserved - Legal - Privacy Policy