Response Progress:
Thank you for the additional details. We do fully acknowledge that this
security threat with _cpyfile.r exists also when the "tty" directory is
installed.
However, as explained earlier, this issue was fixed in OpenEdge 10.0A and
beyond by checking the broker deployment mode (Dev/

There is a potential for a buffer overflow in the database executable _mprosrv
while reading a TCP/IP message that is incorrectly formatted. To avoid this
problem, additional checking has been added to the _mprosrv executable that
will prevent incorrectly formatted messages from causing buffer

Denial of Service attack against OpenEdge WebSpeed possible through dict.r.
11-5-2007
author: Eelko Neven
discovered: 9-5-2007
Because of poor security in dict.r it is possible to put all agents in busy
mode.
First you have to find the messenger execution url. For example:
http://yourmachine.co

Dear Eelko,
thank you for your additional details.
Development has indeed confirmed that _edit.r gets installed for
deployment, not only for development environments.
The information about this vulnerability and the recommended workaround
have been published in our knowledge base, as solution #P

_edit.r Busy agents exploit. 1-5-2007
author: Eelko Neven
discovered: 28-4-2007
tested: Windows 2000 server & Windows 2003 server
Because of poor security in _edit.r it is possible to put all agents in busy
mode.
First you have to find the messenger execution url. For example:
http://yourmachine

about.r OS and Progress version disclosure.
Because of poor security in webutil/about.r it is possible to view the OS and
the Progress version of a remote WebSpeed server.
First you have to find the messenger execution url. For example:
http://yourmachine.com/scripts/cgiip.exe/WService=wsbroker1

Because of a flaw in _cpyfile.p, which is a file installed by default, it is
possible to gain full control of a machine running Progress WebSpeed Messenger.
You can access, change and edit almost any file on the server running the
WebSpeed Messenger, even when the workshop is disabled.
First you ha