-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Essentia Web Server DoS Vulnerability Type: DoS, crashes Daemon Release Date: February 22, 2002 Product / Vendor: The Essentia Web Server provides Enhanced Web Application and Communication Services. Whether you are setting up a simple Web Site on your Corporate Intranet or creating large sites for the Internet, Essentia provides a simple and flexible way to make an even stronger Web and Applications Platform. http://www.essencomp.com/ Summary: Essentia Web Server is subject to a denial of service. Submitting a request of unusual length to the host will cause the server to crash. A restart is required in order to gain normal functionality. http://host/AAAAAA...(Ax2000)...AAAAAA Tested: Windows 2000 / Essentia Web Server 2.1 Vulnerable: Essentia Webserver 2.1 (And may be other.) Disclaimer: http://www.securityoffice.net is not responsible for the misuse or illegal use of any of the information and/or the software listed on this security advisory. Author: Tamer Sahin ts@securityoffice.net http://www.securityoffice.net Tamer Sahin http://www.securityoffice.net PGP Key ID: 0x2B5EDCB0 -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQA/AwUBPHWDb7uLpFMrXtywEQJ4xQCgpG9H9237UzLL8t4glRutLCb3ACoAoLT4 0Uuqb5ckaDSno+3A4NqjM8o7 =1Yzo -----END PGP SIGNATURE-----
