UPS denial of service vulnerability

Mapdex Blog

mapdex home blog home login register

<<	January, 2009					>>
S	M	T	W	T	F	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Search Blog

Recent Entries

Mapdex at the UC
Super Swanky Swiper (SSS)
A new beginning...
ArcIMS and Google Maps version 2 for ASP
Data Mining
Geo Developer
I don't want my site on Mapdex
ArcIMS and Google Maps version 2
Global Geology and Topography
Google Maps + ArcIMS Implementation

Recent Comments

Re: A new beginning... (by Casey at 8/15 10:43 AM)
Re: A new beginning... (by Kirk Mower at 8/14 11:16 PM)
Re: A new beginning... (by jbartley at 7/27 10:25 AM)
Re: A new beginning... (by Brian Timoney at 7/26 4:12 PM)
Re: A new beginning... (by Dave at 7/26 1:50 PM)
Re: A new beginning... (by Steven Citron-Pousty at 7/26 1:04 PM)
Re: A new beginning... (by James Fee at 7/26 12:21 PM)
Re: A new beginning... (by Brian Flood at 7/26 12:12 PM)
Re: A new beginning... (by amber at 7/26 11:06 AM)
Re: ArcIMS and Google Maps version 2 for ASP (by rnrwang at 6/28 2:02 PM)

Categories

ArcGIS Server (1) RSS
ArcIMS (10) RSS
Disaster Response (3) RSS
Google Maps (9) RSS
Internet Mapping (9) RSS
Mapdex Dev (14) RSS
Mapdex GE (5) RSS
Mapdex Overview (17) RSS
Mapdex Query (7) RSS
Mapdex Stats (6) RSS
Mapdex Toolbar (1) RSS
Network Security (2) RSS
Portals (2) RSS
SQL (2) RSS
Swiper (1) RSS
Yahoo! Maps (2) RSS

Archives

August 2006 (2)
July 2006 (1)
June 2006 (3)
May 2006 (5)
April 2006 (2)
March 2006 (5)
February 2006 (5)
January 2006 (1)
December 2005 (2)
November 2005 (2)
October 2005 (3)
September 2005 (5)
August 2005 (13)

Photo Albums

RSS

RSS 1.0 (all)
More RSS feeds...

Powered by
BlogCFM v1.11

10 August 2005

UPS denial of service vulnerability

Categories: Network Security

We just had one of our main web application servers fall victim to a denial of service attack yesterday. It turns out that the APC PowerChute Business edition software (for the UPS system) has a major flaw that allows someone to issue a denial of service attack on systems running affected versions of the software (6.0-7.0.1).

The symptoms:

Symantec AntiVirus was disabled and would not start up
Internet Explorer started normally, but would only display a blank white screen
Services could not be manually stopped or started
Control panel was unresponsive
ArcIMS failed to start after a reboot
The powerchute services (server and agent) were stuck on "starting" and they could not be disabled from starting up

To fix it we manually removed the services from the registry and then uninstalled the software.

http://www.securitytracker.com/alerts/2004/Jul/1010745.html

Cheers,

Jeremy

Posted by jbartley at 10:15 AM | Link | 0 comments

Subscription Options

You are not logged in, so your subscription status for this entry is unknown. You can login or register here.

No comments found.

Commenting has been disabled for this entry.