'[SA12390] Top Layer Attack Mitigator IPS 5500 Multiple HTTP Requests Denial of Service'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secunia-sec-adv
Subject:    [SA12390] Top Layer Attack Mitigator IPS 5500 Multiple HTTP Requests Denial of Service
From:       Secunia Security Advisories <sec-adv () secunia ! com>
Date:       2004-08-26 12:34:30
Message-ID: 200408261234.i7QCYU8k009894 () secunia ! com
[Download RAW message or body]


TITLE:
Top Layer Attack Mitigator IPS 5500 Multiple HTTP Requests Denial of
Service

SECUNIA ADVISORY ID:
SA12390

VERIFY ADVISORY:
http://secunia.com/advisories/12390/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Top Layer Attack Mitigator IPS 5500 3.x
http://secunia.com/product/3840/

DESCRIPTION:
Mazin Faour and Louis Garman have reported a vulnerability in Top
Layer Attack Mitigator IPS 5500, which can be exploited by malicious
people to conduct a DoS (Denial of Service) against a vulnerable
device.

The vulnerability is caused due to an error in the HTTP request
handling, which can be exploited to block legitimate access to the
network by sending over 2000 HTTP requests. This prevents further
connections from being established.

Successful exploitation may consume all available CPU resources.

The vulnerability has been reported in version 3.11.008. Other
versions may also be affected.

SOLUTION:
Update to version 3.11.014.
http://www.toplayer.com/content/support/tech_assist/index.jsp

PROVIDED AND/OR DISCOVERED BY:
Mazin Faour and Louis Garman.

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=secunia-sec-adv@progressive-comp.com

----------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic