Threat Center Security News Flaw Discovered in Webwasher
Flaw Discovered in Webwasher Print E-mail
Written by Rebecca Mints   
Thursday, 03 April 2008 18:00

A DoS can be caused by if a hacker exploits a vulnerability in Webwasher. This is due to a flaw in the processing of URLs running on the newer Linux system. It can be exploited to freeze the service by processing a carefully crafted URL.

Affected applications are Webwashwer appliances 6.x (CGLinux 4 or 5) prior to build number 3150, and Webwasher software versions prior to versions 6.6.3 build 3150 or 5.3.0 build 3159 running on: RedHat Enterprise Linux 4, Debian Linux 4, and SLES 10.

A solution is to update to versions 6.6.3 build 3150 or 5.3.0 build 3159:

This vulnerability was discovered by the National Australia Bank Security Assurance.

Webwasher URL Processing Denial of Service Vulnerability


WTW Threat Level