Phase:Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow.
ReferencesBUGTRAQ:Monday, July 01, 2002 KPMG-2002028: Sitespring Server Denial of Service | URL:http://online.securityfocus.com/archive/1/280079 | VULNWATCH:Monday, July 01, 2002 [VulnWatch] KPMG-2002028: Sitespring Server Denial of Service | URL:http://archives.neohapsis.com/ar
Votes:Proposed (Friday, August 30, 2002)
Comments: ACCEPT(1) Frech | NOOP(4) Wall, Foat, Cole, Cox
F7: