SAFER – Vol. 3, Issue 6 © 2000 The Relay Group
DENIAL-OF-SERVICE
Denial-of-Service attacks are an increasing concern. Below is a compilation of
denial-of-service security problems found in May 2000.
Cerberus Information Security Advisory (CISADV000527): Windows NT Browser Service DoS
Released May 30, 2000
Affects Microsoft Windows NT 4.0
Reference http://www.cerberus-infosec.co.uk/advisories.html
Problem
- A serious security flaw exists within the Computer Browser Service on Windows NT 4 that can
lead to a total network failure due to bandwidth starvation.
- A remote attacker could flood the Master Browser with host announcement messages and cause the
list to be broadcast to all other stations on the network, overloading the network.
SAFER
- Microsoft have issued a patch.
Deerfield MDaemon Mail Server DoS Vulnerability
Released May 24, 2000
Affects MDaemon 3.1beta, 3.0.3
Reference http://www.securityfocus.com/bid/1250
Problem
- Entering a long argument to the user command (256 or more bytes) overflows the user buffer
and causes the MDaemon mail server to stop responding after the pass command is issued. A
reboot is required in order to regain normal functionality.
SAFER
- Deerfield.com is aware of this vulnerability and will be addressing this issue in the next release of
3.1 beta.
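Added example (not part of the original advisory and not Deerfield code): a log check that flags sessions in which a user command carrying 256 or more bytes is followed by a pass command, the sequence described above. It assumes a line-oriented text protocol with USER and PASS verbs; the function names, the (session, line) event shape and the sample lines are constructed for illustration.

```python
# Added illustration: hypothetical names, constructed sample data.
USER_ARG_LIMIT = 256  # byte threshold stated in the advisory


def split_command(raw: bytes):
    """Split one client line into (VERB, argument bytes)."""
    line = raw.rstrip(b"\r\n")
    verb, _, arg = line.partition(b" ")
    return verb.upper().decode("ascii", "replace"), arg.strip()


def find_oversized_user(events):
    """events: iterable of (session_id, raw client line).

    Returns one finding per USER argument of USER_ARG_LIMIT bytes or more,
    recording whether a PASS followed in the same session.
    """
    pending = {}   # session_id -> index of that session's open finding
    findings = []
    for session_id, raw in events:
        verb, arg = split_command(raw)
        if verb == "USER":
            if len(arg) >= USER_ARG_LIMIT:
                findings.append({"session": session_id,
                                 "user_arg_len": len(arg),
                                 "pass_followed": False})
                pending[session_id] = len(findings) - 1
            else:
                pending.pop(session_id, None)  # a normal USER resets state
        elif verb == "PASS" and session_id in pending:
            findings[pending.pop(session_id)]["pass_followed"] = True
    return findings


# Constructed sample: interleaved client lines from four sessions.
SAMPLE_EVENTS = [
    ("s1", b"USER alice\r\n"),
    ("s1", b"PASS secret\r\n"),
    ("s2", b"user " + b"A" * 300 + b"\r\n"),   # verbs are matched case-insensitively
    ("s3", b"USER " + b"B" * 256 + b"\r\n"),   # exactly at the threshold, no PASS yet
    ("s2", b"PASS x\r\n"),
    ("s4", b"USER " + b"C" * 255 + b"\r\n"),   # one byte under the threshold
    ("s4", b"PASS y\r\n"),
]

if __name__ == "__main__":
    for finding in find_oversized_user(SAMPLE_EVENTS):
        print(finding)
```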
HP Web JetAdmin 6.0 Printing DoS Vulnerability
Released May 24, 2000
Affects HP JetAdmin 6.0
Reference http://www.securityfocus.com/bid/1246
Problem
- By default, the JetAdmin Web Interface Server listens on port 8000. A malformed URL request
sent to port 8000 causes the server services to stop responding. The service must be
stopped and restarted to regain normal functionality.
SAFER
-
TopLayer AppSwitch 2500 Multiple DoS Vulnerabilities
Released May 20, 2000
Affects TopLayer AppSwitch 2500.0
Reference http://www.securityfocus.com/bid/1258
Problem
- TopLayer AppSwitch 2500 has been reported to be vulnerable to numerous DoS attacks.
Fragmented packets, bad ICMP checksums, and other anomalous packets are reported to crash
the switch.
SAFER
- Wait for an official fix, or use a different switch.