Reported December 21 by Strumpf Noir Security

VERSIONS AFFECTED
  • Infinite InterChange 3.61

DESCRIPTION

A Denial of Service (DoS) attack has been discovered that affects Infinite InterChange 3.61. A malicious user can send a malformed POST request and cause the HTTP services to stop responding.

DEMONSTRATION

The attack can be carried out as follows;

Telnet
POST aaa(x963+ bytes) HTTP/1.0

The server will stop responding and require a reboot.

VENDOR RESPONSE

Strumpf Noir has notified the vendor.

CREDIT
Discovered by
Strumpf Noir Security