Reported September 12, 2000 by Delphis Consulting

VERSIONS AFFECTED
  • Faststream FUR HTTP Server v1.0b

DESCRIPTION

Running under Windows 2000 Workstation SP1, FUR HTTP Server 1.0b is vulnerable to a denial of service attack.

DEMONSTRATION

An attacker can cause FUR HTTP Server 1.0b to crash with an invalid procedure call by connecting to port 80 and sending 3k of data as a GET string. 

VENDOR RESPONSE

According to Delphis Consulting the vendor has been informed and at this time does not have a solution for this issue.

CREDIT
Discovered by Delphis Consulting