Published:2014/10/16  Last Updated:2014/10/16

Information from TripodWorks CO.,LTD.

Vulnerability ID:JVN#23809730
Title:GIGAPOD vulnerable to denial-of-service (DoS)

This is a statement from the vendor itself with no modification by JPCERT/CC.

<Affected Products and Versions>

GIGAPOD OFFICEHARD software model and the appliance model of version 3.04.03, and previous versions.

GIGAPOD 2010 and GIGAPOD 3 software model and the appliance model of version 3.01.02, and previous versions.

<Information InDepth>

There is a security issue CVE-2011-3192 which was identified.
GIGAPOD system(i.e.:http://hostname:8001/) embeds Apache settings that has a HTTP request problems.

This security vulnerability do not affect the services in HTTP and HTTPS(port number 80 and 443).

<Fixed version>

・GIGAPOD OFFICEHARD version 3.04.04
・GIGAPOD 3 version 3.01.05