[NT] Denial of Service Vulnerability in Xeneo Web Server
From: support@securiteam.comDate: 11/05/02
- Previous message: support@securiteam.com: "[NEWS] Oracle iSQL*Plus Buffer Overflow (Long User ID)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: 5 Nov 2002 11:53:33 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Denial of Service Vulnerability in Xeneo Web Server
------------------------------------------------------------------------
SUMMARY
Northern Solutions'
<http://www.northernsolutions.com/index.php?view=product&id=1> Xeneo Web
Server is a "fast, compact web server that makes it easy to set up and
administer a web site on the Windows platform." A denial of service
vulnerability has been discovered in the product.
DETAILS
Vulnerable systems:
* Xeneo versions 2.1.0.0 (PHP version) and 2.0.759.6
Immune systems:
* Xeneo version 2.1.5 and above
Due to the improper handling of a specially crafted web request, remote
attackers may launch a denial of service attack against the PHP version of
Xeneo. The condition is triggered when the web server receives a request
for '%'. Upon successful exploitation, the web server will crash with a
Microsoft Visual C++ runtime error message. The following is an example
attack URL:
http://target.server/%
Analysis:
Any remote user with access to the application can launch this attack,
thereby denying legitimate users access to the server and the contents
and/or additional services provided.
Workaround:
Use a filtering web proxy server to help mitigate against exploitation.
Vendor fix:
Xeneo 2.1.5 and later should fix the problem. The latest release is
version 2.1.6.0, and it can be downloaded at:
<http://www.northernsolutions.com/downloads/xeneo_php_setup.exe>
http://www.northernsolutions.com/downloads/xeneo_php_setup.exe.
Disclosure timeline:
10/06/2002 Issue disclosed to iDEFENSE
10/31/2002 Author notified
10/31/2002 iDEFENSE clients notified
10/31/2002 Response received from <mailto:rshan@northernsolutions.com>
Robert Shanahan
11/04/2002 Public disclosure
ADDITIONAL INFORMATION
The original advisory is available by going to:
<http://www.idefense.com/advisory/11.04.02b.txt>
http://www.idefense.com/advisory/11.04.02b.txt
The information has been provided by <mailto:dendler@idefense.com> David
Endler of iDEFENSE, the vulnerability was discovered by Tamer Sahin .
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NEWS] Oracle iSQL*Plus Buffer Overflow (Long User ID)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
