
Title: Ultraseek 3.1.x Remote DoS Vulnerability
Released by: USSR
Date: 30th October 2000
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



Ultraseek 3.1.x Remote DoS Vulnerability



USSR Advisory Code:  USSR-2000056



Public Disclosure Date:

October 30, 2000



Vendors Affected:



Ultraseek Corporation.

http://www.ultraseek.com.





Systems Affected:

Ultraseek 3.1 (Sun Solaris)

Ultraseek 3.1 (Microsoft Windows NT)

Ultraseek 3.1 (Linux)

Ultraseek 3.1 (HP-UX)



Ultraseek 3.1.10 (Sun Solaris)

Ultraseek 3.1.10 (Microsoft Windows NT)

Ultraseek 3.1.10 (Linux)

Ultraseek 3.1.10 (HP-UX)



and possibly others.





Problem:

The USSR Team has found a problem with the Ultraseek Search engine. The
Ultraseek Search engine is vulnerable to a Denial of Service attack.

Upon connecting to the search engine, which by default runs on port
8765, it is possible to pass a malformed URL to the engine that will
cause the process to stop responding to valid requests.

SPECIAL NOTE: We take no responsibility for the given example. It
is for educational purposes only.



Example:



http://ServerIP:8765/index.html?&col=&ht=0&qs=&qc=&pw=100%25&ws=0&nh=10&lk=1&rf=0&si=1&si=1&ql=../../../index
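
For administrators checking whether a server has received requests shaped like the example above, the following added sketch (not part of the USSR advisory or any vendor tooling) scans access-log lines for a `ql` query value containing `..` path segments. The Common Log Format, the sample lines, and the choice of `ql` as the field to watch are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Common Log Format (an assumption; not from the advisory).
SAMPLE_LOG = """\
192.0.2.10 - - [30/Oct/2000:10:00:01 +0000] "GET /index.html?col=www&qt=solaris+patch&ql=a HTTP/1.0" 200 5120
192.0.2.77 - - [30/Oct/2000:10:00:05 +0000] "GET /index.html?&col=&ht=0&qs=&qc=&pw=100%25&ws=0&nh=10&lk=1&rf=0&si=1&si=1&ql=../../../index HTTP/1.0" 200 0
192.0.2.77 - - [30/Oct/2000:10:00:09 +0000] "GET /index.html?col=www&ql=%2e%2e%2f%2e%2e%2findex HTTP/1.0" 200 0
192.0.2.15 - - [30/Oct/2000:10:00:12 +0000] "GET /help/index.html HTTP/1.0" 200 2048
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*"')
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')   # a ".." path segment
WATCHED_PARAMS = {"ql"}  # parameter carrying "../" in the advisory's example


def normalize(value, extra_rounds=2):
    """Undo nested percent-encoding and unify path separators."""
    for _ in range(extra_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def traversal_values(target):
    """Return watched query values in a request target that contain '..' segments."""
    hits = []
    # parse_qsl performs the first round of percent-decoding.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        value = normalize(value)
        if name in WATCHED_PARAMS and TRAVERSAL_RE.search(value):
            hits.append(value)
    return hits


def scan(log_text):
    """Return (client, timestamp, value) for each flagged request in the log."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        client, when, target = m.groups()
        findings.extend((client, when, v) for v in traversal_values(target))
    return findings


if __name__ == "__main__":
    for client, when, value in scan(SAMPLE_LOG):
        print(f"{when} {client} ql={value!r}")
```
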





Vendor Status:

Informed: Wednesday, October 11, 2000 1:34 PM

Contacted: Wednesday, October 11, 2000 2:14 PM

Patch Available: October 23, 2000





Fix:

Sun Solaris



Inktomi Search 4.0 for the Sun Solaris platform is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0.tar.Z
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0.tar.gz

Additional European language support for Solaris is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-language.tar.Z
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-language.tar.gz

Additional Asian language support for Solaris is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-cjk.tar.Z
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-cjk.tar.gz

Additional postscript support for Solaris is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-postscript.tar.Z
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-postscript.tar.gz

z3950 support for Solaris is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-z3950.tar.Z
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-z3950.tar.gz

40-bit SSL spidering support for Solaris is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-ssl-export.tar.Z
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-solaris-4.0.0-ssl-export.tar.gz

128-bit SSL spidering support is also available.  Contact your sales
representative for download information.





Microsoft Windows NT

To install Inktomi Search 4.0 for Microsoft Windows NT, simply
download the latest version by saving it to your Desktop:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-winnt-4.0.0.exe

Then, unpack the files by double-clicking the Inktomi icon on your
desktop. Follow the instructions to complete the installation.

Additional European language support is available for Windows NT at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-winnt-4.0.0-language.exe

Additional Asian language support is available for Windows NT at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-winnt-4.0.0-cjk.exe

Additional postscript support is available for Windows NT at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-winnt-4.0.0-postscript.exe

40-bit SSL spidering support for Windows NT is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-winnt-4.0.0-ssl-export.exe

128-bit SSL spidering support is also available.  Contact your sales
representative for download information.





Linux



Inktomi Search 4.0 for the Linux platform is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0.i386.rpm
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0.tar.gz

Additional European language support is available for Linux at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0-language.i386.rpm
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0-language.tar.gz

Additional Asian language support is available for Linux at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0-cjk.i386.rpm
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0-cjk.tar.gz

Additional z3950 support is available for Linux at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0-z3950.i386.rpm
http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-linux-4.0.0-z3950.tar.gz





HP-UX

To install Inktomi Search 4.0 on an HP-UX platform, unpack the file
using gzip and then tar. For example:

gunzip InktomiSearch-hpux-4.0.0.tar.gz
tar xvf InktomiSearch-hpux-4.0.0.tar

Inktomi Search 4.0 for the HP-UX platform is available at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-hpux-4.0.0.tar.gz

Additional European language support is available for HP-UX at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-hpux-4.0.0-language.tar.gz

Additional Asian language support is available for HP-UX at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-hpux-4.0.0-cjk.tar.gz

Additional z3950 support is available for HP-UX at:

http://ftp.ultraseek.com/pub/InktomiSearch/4.0.0/InktomiSearch-hpux-4.0.0-z3950.tar.gz





Related Links:



Underground Security Systems Research:

http://www.ussrback.com



CrunchSp Product:

http://www.crunchsp.com



About:



USSR is an emerging security company based in South America.
We are devoted to network security research, vulnerability research,
and software protection systems. One of the main objectives of USSR is to
develop and implement cutting edge security and protection systems
that cater to an evolving market.

We believe that the way we implement security solutions can make a
difference. CrunchSP is an example, providing a solution to software
piracy.  Our solutions such as CrunchSP are devoted to protecting your
enterprise.

On a daily basis, we research, develop, discover and report
vulnerability information.  We make this information freely available
via public forums such as BugTraq, and our advisory board located at
http://www.ussrback.com.

The USSR is a highly skilled, experienced team.  Many USSR
programmers, as well as programmers of partners and affiliates, are
seasoned professionals, with 12 or more years of industry experience.
A knowledge base of numerous computer applications as well as many high
and low level programming languages makes USSRback a diverse team of
experts prepared to serve the needs of any customer.

USSR has assembled some of the world's greatest software developers
and security consultants to provide our customers with a wide range
of enterprise level services.  These services include:



* Network Penetration Testing

* Security Application development

* Application Security Testing and Certification

* Security Based on Security Tools

* Cryptography

* Emergency Response Team

* Firewalling

* Virtual Private Networking

* Intrusion Detection

* Support and maintenance



For more information, please contact us via email at labs@ussrback.com.



Copyright (c) 1999-2000 Underground Security Systems Research.

Permission is hereby granted for the redistribution of this alert

electronically. It is not to be edited in any way without explicit

consent of USSR. If you wish to reprint whole or any part of this

alert in any other medium excluding electronic medium, please e-mail

labs@ussrback.com for permission.



Disclaimer:

The information within this paper may change without notice. We may

not be held responsible for the use and/or potential effects of these

programs or advisories.  Use them and read them at your own risk or

not at all. You solely are responsible for this judgment.



Feedback:



If you have any questions, comments, concerns, updates, or suggestions
please feel free to send them to:



Underground Security Systems Research

mail:labs@ussrback.com

http://www.ussrback.com



-----BEGIN PGP SIGNATURE-----

Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>



iQA/AwUBOf6XjNybEYfHhkiVEQLTQwCg+/U+JYAbt9vj9nvf2L5VuSsB3xwAnRMA

Do8HprJjRMqPQFU1MSbFjMzj

=CFAr

-----END PGP SIGNATURE-----







