Security Incidents mailing list archives

iPlanet Server vulnerable to HTTP TCP HEAD Attack

From: "Mendoza Bazan, Luis - (Per)" <luis.mendoza () attla com>
Date: Wed, 10 Apr 2002 10:45:32 -0500

Hi,

I have an iPlanet server that work as email server. This server has the
following services enabled: SMTP, POP3 and HTTP. We detect the evidence that
is in the files attached. If you know some advice or workaround about this,
it will be welcome.
We are searching in Sun some info but cannot find it.

Best regards

Luis Mendoza
* luis.mendoza () attla com
Esta comunicación es de carácter personal y no representa la posición

oficial de AT&T Latin America - Perú

This communication is of personal character and it doesn't represent the

official position of AT&T Latin America - Peru

Attachment: HTTP_TCP_ATTACK_DET.rtf
Description:

Attachment: HTTP_TCP_ATTACK_SUMM.rtf
Description:

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

iPlanet Server vulnerable to HTTP TCP HEAD Attack Mendoza Bazan, Luis - (Per) (Apr 10)
- Re: iPlanet Server vulnerable to HTTP TCP HEAD Attack Jeff (Apr 11)
- Re: iPlanet Server vulnerable to HTTP TCP HEAD Attack Paul Cardon (Apr 11)