S-A-F-E-R - Security Alert For Enterprise ResourcesSecurity Solutions Electronic Commerce Transaction Processing Company Profile Press Releases Partners In Progress Contacts Training Courses Go to Siam Relay Home S-A-F-E-R S.A.F.E.R. Security Bulletin 981014.DOS.1.2 TITLE Vulnerability in SharedX Receiver Service (recserv) DATE October 14, 1998 NATURE Denial-of-Service PLATFORMS HP-UX 10.20 (possibly other versions of HP-UX) DETAILS: By sending specific amount of characters to SharedX Receiver Service, remote (and local) users can perform DoS attack against HP-UX 10.20 machine. Recserv process reaches 100% (or less, depending on CPU usage by other processes) 3-5 minutes after attack, and has to be killed and restarted. FIXES: Hewlett-Packard has been notified on September 3, 1998 but patch is not available yet. UPDATE: Patch has been made available on October 28, 1998. All rights reserved. Copyright Siam Relay Ltd. 1998. Click here for disclaimer Contact us at: info@siamrelay.com