Vulnerability Development mailing list archives
Ezboard bug
From: frazzle_freckle () HEHE COM (Frazzle Freckle)
Date: Thu, 25 May 2000 23:56:32 -0600
[no message body]

=============================================================================
Securax-SA-03                                              Security Advisory
belgian.networking.security                                            Dutch
=============================================================================
Topic:     Ezboard ver. 5.3.9 can be made unreachable.
Announced: 2000-05-24
Affects:   Ezboard Ver. 5.3.9. Other versions not tested.
=============================================================================

Note: This entire advisory has been based upon trial and error results. We
cannot ensure the information below is 100% correct, being that we have no
source code to audit. This document is subject to change without prior
notice.

If you happen to find more information or problems concerning the below
problem or further variants, please contact ezboard themselves and/or
frazzle_freckle () hehe com.

I. Problem Description
-----------------------
When someone visits http://pub4.ezboard.com/u*.showPublicProfile for example,
every ezboard on server6.ezboard.com will become unreachable for anyone. The
problem occurs when trying to show a user's public profile. When a user is
replaced with '*' it causes the server to strain.

If you want to make the ezboards on pub7.ezboard.com unreachable you can
visit the following site as well:
http://pub7.ezboard.com/u*.showPublicProfile. Not much research has been
directed to locating the full list of pub* servers. Various standard wildcard
characters also cause the servers to have the same reaction, i.e.: $, &, @,
etc.

II. Impact
Ezboard servers and client message boards, etc. can be caused to be lagged
and unreachable while the service strains for large wildcard responses.

Code could be made that would take the server down fully. For example:

    perl -e 'for(;;){`(sleep 30;killall -9 lynx)|lynx http://address/`}'

This is not tested.

III. Solution
The service has been notified and will hopefully be fixed within the near
future to prevent any further misfortune for current clients/users in action
of service. I would strongly suggest changing the character type of the
standard wildcards which do special unneeded tasks.

IV. Credits
greetz: R00T-dude, securax, Zoa_Chien, Visjnu, Zym0t1c, HTWX, H4H, loophole
and hhp.

-Frazzle_Freckle (frazzle_freckle () hehe com).

=============================================================================
For more information  frazzle_freckle () hehe com
Website               http://www.securax.org
Advisories/Text       http://www.securax.org/pers
-----------------------------------------------------------------------------
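
An added example, not part of the original post and not Ezboard's code (the advisory notes no source was available): one way to apply the fix suggested under "Solution", validating the user name taken from the profile URL against an allow-list and looking it up by exact match only. The username policy, the user store and the host name `board.example` are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Path shape taken from the URLs in the advisory: /u<name>.showPublicProfile
PROFILE_PATH = re.compile(r"/u(?P<name>[^/]*)\.showPublicProfile")
# Assumed (hypothetical) username policy: letters, digits, "_" and "-", 1-32 chars.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,32}")

# Constructed sample user store; a real board would query its database.
USERS = {"alice": {"posts": 12}, "bob_7": {"posts": 3}}


def extract_profile_name(url):
    """Return the decoded name from a profile URL, or None if the path differs."""
    # Decode first so that %2A is checked as "*", not as harmless-looking text.
    path = unquote(urlsplit(url).path)
    match = PROFILE_PATH.fullmatch(path)
    return match.group("name") if match else None


def handle_profile_request(url, users=USERS):
    """Return (status, body). The name is validated before any lookup runs."""
    name = extract_profile_name(url)
    if name is None:
        return 404, "not a profile URL"
    if not SAFE_NAME.fullmatch(name):
        # Rejects *, $, &, @ and everything else outside the allow-list,
        # so no wildcard ever reaches the storage layer.
        return 400, "invalid user name"
    record = users.get(name)  # exact-key lookup, never a pattern search
    if record is None:
        return 404, "no such user"
    return 200, f"{name}: {record['posts']} posts"


if __name__ == "__main__":
    for sample in ("ualice", "u*", "u%2A", "u$", "u&", "u@", "ucarol"):
        url = f"http://board.example/{sample}.showPublicProfile"
        print(url, "->", handle_profile_request(url))
```
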