J-Security Center

Title: Sage Software MAS 200 Denial of Service Vulnerability

Severity: HIGH

Description:

MAS 200 is a client/server accounting platform which runs on 32-bit Windows platforms.

A user is able to connect to port 10000 on a server running MAS 200. Once connected, the user can enter the <control> x key combination ten times to disable the server-side application. At this point the client application is no longer able to connect to the server.

The next time a user connects to port 10000 on the host server, a message is displayed stating that the host has been disabled.

To resume service, the administrator must restart MAS 200 manually.

It has been reported that other key combinations, such as <control> q and the arrow keys, will produce the same results.
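Detection sketch for the behaviour described above, added here as an example and not part of the original advisory or of any Sage or Juniper tooling. It flags client sessions to port 10000 whose payload contains repeated presses of the keys named in the advisory. The session record layout, the byte encodings (<control> x as 0x18, <control> q as 0x11, arrow keys as ANSI escape sequences) and the alert threshold are assumptions.

```python
# Added example: flag sessions to the MAS 200 listener (port 10000) that carry
# repeated presses of the control keys named in the advisory.
# Byte encodings, record layout and threshold are assumptions, not vendor data.
import re

MAS200_PORT = 10000
CTRL_X, CTRL_Q = 0x18, 0x11              # ASCII CAN and DC1
ARROW = re.compile(rb"\x1b\[[ABCD]")     # assumed ANSI arrow-key sequences
THRESHOLD = 5                            # assumed: alert before the tenth key press


def count_control_keys(payload: bytes) -> dict:
    """Count the advisory's key presses in one client-to-server byte stream."""
    arrows = ARROW.findall(payload)
    stripped = ARROW.sub(b"", payload)   # remove arrow sequences before byte counts
    return {
        "ctrl_x": stripped.count(bytes([CTRL_X])),
        "ctrl_q": stripped.count(bytes([CTRL_Q])),
        "arrow": len(arrows),
    }


def suspicious_sessions(sessions, threshold=THRESHOLD):
    """Return (src, counts) for port-10000 sessions at or above the threshold."""
    hits = []
    for s in sessions:
        if s["dst_port"] != MAS200_PORT:
            continue                     # only the MAS 200 listener is in scope
        counts = count_control_keys(s["payload"])
        # Keys are summed because the advisory reports the same result for each.
        if sum(counts.values()) >= threshold:
            hits.append((s["src"], counts))
    return hits


# Constructed sample sessions (documentation addresses, made-up payloads).
SAMPLE = [
    {"src": "192.0.2.10", "dst_port": 10000, "payload": b"\x18" * 10},
    {"src": "192.0.2.11", "dst_port": 10000, "payload": b"LOGIN user\r\n"},
    {"src": "192.0.2.12", "dst_port": 10000, "payload": b"\x1b[A" * 6 + b"\x11"},
    {"src": "192.0.2.13", "dst_port": 8080, "payload": b"\x18" * 20},
]

if __name__ == "__main__":
    for src, counts in suspicious_sessions(SAMPLE):
        print(src, counts)
```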

Affected Products:

  • Sage Software MAS 200
