Inktomi Search Software DoS Vulnerability

Inktomi Search Software formerly Ultraseek Server, is a search engine for intranet or web site enviroments.

Inktomi Search Software is subject to a denial of service. If a user requests a malformed URL to the search engine on default port 8765 the service will stop responding. A restart of the service is required in order to gain normal functionality.

Example provided by USSR Labs <labs@ussrback.com>:

http://ServerIP:8765/index.html?&col=&ht=0&qs=&qc=&pw=100%25&ws=0&nh=10&lk=1 &rf=0&si=1&si=1&ql=../../../index


 

Privacy Statement
Copyright 2010, SecurityFocus