TFS Gateway 4.0拒绝服务漏洞

漏洞信息详情

TFS Gateway 4.0拒绝服务漏洞

• CNNVD编号：CNNVD-199908-060
• 危害等级： 中危
  
  
• CVE编号：
  CVE-1999-1515
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  1999-08-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-09-05
  
• 厂        商：
  
  tenfour
• 漏洞来源：
  The credit for thi…

TenFour TFS Gateway 4.0版本中的非默认配置存在漏洞。攻击者借助带有不正确发送人和接受地址的信息导致服务拒绝。该漏洞导致网关每隔10秒不断尝试返回信息。

This can be solved by changing the way that TFS handles failed messages. By turning off the “returning the original message” to the sender of a message, this vulnerability is avoided.
TenFour has made a fixed version of TFS Gateway available to its customers from its website at:
http://www.tenfour.se
The non-vulnerable version is build 219 and later, and does not allow the full message to be returned to the sender in the event of failure.

来源: XF
名称: tfs-gateway-dos(3290)
链接:http://xforce.iss.net/static/3290.php

来源: BID
名称: 613
链接:http://www.securityfocus.com/bid/613