 |
|
|
|
| Vulnerability details : |
| |
 |
|
Adobe Content Server download.asp loanMin Parameter eBook DoS |
|
|
Fiche créée le 2004-04-09 05:55:25, dernière mise à jour le 2008-03-02 23:49:24
Content Server contains a flaw that may allow a malicious user to deny access to any book. The issue is triggered when an attacker uses a locally modified copy of the loan script to modify the loanMin parameter, which specifies the length of time a book is on loan. The loanMin parameter is not verified, and so any value is accepted. It is possible that the flaw may allow books to be listed on loan for a very long time resulting in a loss of availability.
|
| |
| Adobe Systems Incorporated 3.0 Affected | | | Attack Type : Denial of Service
saturation flood, crash, lock up, forced reboot. | Découvert le 2002-07-12 07:00:00
| Attack Type : Input Manipulation
XSS, SQL injection, file retrieval, directory traversal, overflows, URL encoding. | | | | Exploit : Exploit Public | Exploit découvert le 2002-07-12 07:00:00
| Impact : Loss of Availability
Assurance of timely and reliable access to data.
Examples: any DoS attack of any kind, unauthorized file deletion, etc. anything that can cause the availability of a service or information to be impacted. | | | Location : Remote / Network Access
If network access if required and exploit can be done remotely. | | | OSVDB : Web Related
The vulnerability is a web issue and will have an associated security check. | | |
| |
| External refs : |
| OSVDB 9299 | | | | | | | | |
| |
| |
| |
| |
|
|
|
|
| Free consultation (search) |
|
|
|
|
|
| |
|
|
|
