[NEWS] The Netware FTP Server Contains a DoS vulnerability

From: support@securiteam.com
Date: 05/08/02


From: support@securiteam.com
To: list@securiteam.com
Date: Wed,  8 May 2002 18:18:42 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  The Netware FTP Server Contains a DoS vulnerability
------------------------------------------------------------------------

SUMMARY

The Netware FTP server has a DOS vulnerability. An attacker could cause
the server CPU to spike at 100% CPU hogging the server and causing a DOS,
preventing legitimate users access to the server.

DETAILS

Vulnerable systems:
 * Novell Netware 6.0 SP 1

An attacker could cause the server to spike at 100% CPU, prohibiting
legitimate users to access the server. This is done by connecting to the
server using netcat or telnet and simply typing an enter. Due to the
impact of this issue, it is not recommended to have unprotected ftp
servers on public networks. Since there is no patch yet, we urge you to
shutdown the ftp server or filter incoming connections as soon as
possible.

Solution:
Disable the ftp server or make sure only trusted people can connect to it
by filtering incoming connections.

Install patch from Novell as soon as it becomes available.

Vendor status:
Novell was contacted 20020408 but has not yet responded to the issue.

ADDITIONAL INFORMATION

The information has been provided by
<mailto:patrik.karlsson@se.pwcglobal.com> Patrik Karlsson &
<mailto:jonas.landin@ixsecurity.com> Jonas Lšndin.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.