PROTEGO Security Advisory #PSA200403 Topic: MondoSoft - MsmLink.exe - Denial of Service Application : MondoSearch versions prior to 5.1b Author: Dennis Rand (dra at protego.dk) Advisory URL: http://www.protego.dk/advisories/200403.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com Vendor contacted: 26. Mar. 2004 Public release: 2. Apr. 2004 Bid: 10034 Problem: MondoSearch is web site search engine made by MondoSoft. One of the files installed with the MondoSoft search engine can be used perform a Denial of Service attack on the vulnerable system, making the webserver unable to serve other requests. Details: The vulnerability occurs when the MsmLink.exe is called multiple times. The MondoSoft software will load a new instance of the file each time it is requested which will eventually consume all memory on the vulnerable system. Impact: The may allow an attacker to perform a Denial of Service attack. Corrective actions: MondoSoft has released a patch for this issue. http://www.mondosoft.com/security Disclaimer: The information within this document may change without notice. Use of this information constitutes acceptance for use in an "AS IS" condition. There are NO warranties with regard to this information. In no event shall PROTEGO be liable for any consequences or damages, including direct, indirect, incidental, consequential, loss of business profits or special damages, arising out of or in connection with the use or spread of this information. Any use of this information lies within the user's responsibility. All registered and unregistered trademarks represented in this document are the sole property of their respective owners.