Flaw Discovered in Webwasher |
|
|
Written by Rebecca Mints
|
Thursday, 03 April 2008 18:00 |
A DoS can be caused by if a hacker exploits a vulnerability in Webwasher. This is due to a flaw in the processing of URLs running on the newer Linux system. It can be exploited to freeze the service by processing a carefully crafted URL.
Affected applications are Webwashwer appliances 6.x (CGLinux 4 or 5) prior to build number 3150, and Webwasher software versions prior to versions 6.6.3 build 3150 or 5.3.0 build 3159 running on:Â RedHat Enterprise Linux 4, Debian Linux 4, and SLES 10.
A solution is to update to versions 6.6.3 build 3150 or 5.3.0 build 3159:Â https://extranet.webwasher.com/download/csm/index.html
This vulnerability was discovered by the National Australia Bank Security Assurance.
REFERENCES:
Secunia
Webwasher URL Processing Denial of Service Vulnerability
|