2nd Jul 2002 [SBWID-5504]
COMMAND
Sitespring server DoS
SYSTEMS AFFECTED
Sitespring 1.2.0(277.1) using Sybase runtime engine v7.0.2.1480
PROBLEM
From the advisory by Peter Gründl [pgrundl@kpmg.dk] of KPMG Denmark
[BUG-ID: 2002028]:
A malicious user with access to the Sitespring database engine port can
crash both the runtime database engine and the Sitespring web service.
If the Sybase database engine receives 1077 x chr(2) + \r\n\r\n it
crashes. The web service will crash shortly after the database engine
stops.
SOLUTION
Workaround
==========
Apply IP filtering to the Sitespring server, so only the local host is
allowed to connect to TCP port 2500.
On Win2000 or WinXP this can be done using the built-in IP filter
functionality.
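
One way to confirm the filter took effect, given as an added example that is not part of the advisory: the script below only attempts a TCP handshake to port 2500 and compares the result with what the workaround intends. The script name, the function names and the verdict strings are assumptions of this example, and targets must be IP literals.

```python
import ipaddress
import socket
import sys

DB_PORT = 2500  # TCP port named in the advisory's workaround


def probe(host, port, timeout=2.0):
    """Attempt a TCP handshake only; no data is sent to the service."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"   # RST came back: no listener, or a rejecting filter
    except OSError:
        return "blocked"   # timeout or unreachable: typical of a dropping filter


def audit(targets, port=DB_PORT, probe_fn=probe):
    """Compare each target's state with what the workaround intends:
    loopback must stay open for Sitespring itself, everything else closed."""
    results = []
    for addr in targets:
        state = probe_fn(addr, port)
        if ipaddress.ip_address(addr).is_loopback:
            verdict = "ok" if state == "open" else "engine-not-listening"
        else:
            verdict = "EXPOSED" if state == "open" else "ok"
        results.append((addr, state, verdict))
    return results


if __name__ == "__main__":
    # Usage: python check_2500.py 127.0.0.1             (on the server)
    #        python check_2500.py <server-LAN-address>  (from another host)
    findings = audit(sys.argv[1:] or ["127.0.0.1"])
    for addr, state, verdict in findings:
        print(f"{addr}:{DB_PORT} {state:8} {verdict}")
    sys.exit(1 if any(v != "ok" for _, _, v in findings) else 0)
```

Run the non-loopback check from a second machine: a connection the server makes to its own LAN address may not pass through the IP filter, so a local test can report the port as open even when remote hosts are blocked.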