Shambala Web Server DoS
Results 1 to 2 of 2

Thread: Shambala Web Server DoS

  1. #1
    Senior since the 3 dot era
    Join Date
    Nov 2001

    Shambala Web Server DoS

    New vulnerability added to the list of Shambala web server problems...
    The Shambala web server can be crashed by sending the command "GET !"#?%&/()=?"
    No real biggie (IMHO) since Shambala is mainly intended for home users... but still it can be annoying to see your server on your poor win box crashing and crashing again.
    Platforms : Win 3.x / Win 95 / Win NT

    This vulnerability is included in the securityspace db, ID10967
    Title: Shambala web server DoS
    ID: 10967
    Category: Untested
    Summary: Kills a Shambala web server
    ** It was possible to kill the web server by
    ** sending this request :
    ** GET !"#?%&/()=?
    ** Workaround : install a safer server or upgrade it
    ** Risk factor : Medium
    Similar DoS exploits were discovered before (in October 2000, and I think they are still not fixed, shame on the manufacturer):
    technical description of the exploit:
    can also be found at securiteam:
    short description:

    My solution... hmm run Apache

  2. #2
    Junior Member
    Join Date
    Jun 2002
    What kind of an idiot would run an "important" website on a win box?
    Use linux you\'ll love it in the end!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts