[Full-Disclosure] Twilight Utilities TW-WebServer/1, 3, 2, 0 DoS

From: badpack3t (badpack3t@security-protocols.com)
Date: 04/16/03

  • Next message: subversive : "[Full-Disclosure] SFAD03-001: iWeb Mini Web Server Remote Directory Traversal"
    From: "badpack3t" <badpack3t@security-protocols.com>
    To: <full-disclosure@lists.netsys.com>
    Date: Tue, 15 Apr 2003 21:20:37 -0400 (EDT)
    

    SP Research Labs Advisory x02
    -----------------------------
    www.security-protocols.com

    Product - Twilight Utilities TW-WebServer/1,3,2,0

    Download it here:
    http://www.twilightutilities.com/WebServer.html

    Date Released - 04/15/2003

    Release Mode - 0hday, why contact the vendor?

    Advisory Link:
    http://www.security-protocols.com/article.php?sid=1474&mode=thread&order=0

    ----------------------------

    Product Description from the vendor -

    We are excited to present this completely new Modem Ready Internet Web
    Server supporting these terrific features.

    -Installs in seconds
    -Lets you INSTANTLY share pictures and files
    -Modem aware
    -Automates telling friends and family when you start serving
    -Automatically integrates your web camera
    -Allows others to send files to you
    -Automatically generates web pages
    -Supports file resume
    -A truely unique files-sharing tool

    -----------------------------

    Vulnerability Description -

    To exploit this vulnerability, simply do a GET / with 4096 A's or more
    will cause the webserver to go down. Who really gives a damn right?

    Tested on:

    Windows XP Pro SP1
    Windows 2000 SP3
    -----------------------------

    Credit

    2PAC and Snoop Dogg did most of the work on this one.

    -----------------------------

    peace out,

    badpack3t
    www.security-protocols.com

    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html



  • Next message: subversive : "[Full-Disclosure] SFAD03-001: iWeb Mini Web Server Remote Directory Traversal"

    Relevant Pages