[NT] RhinoSoft DNS4ME HTTP Server DoS and CSS

From: SecuriTeam (support_at_securiteam.com)
Date: 10/05/04

  • Next message: SecuriTeam: "[TOOL] Fakebust - Fake Exploit Code Detector" 
    To: list@securiteam.com
Date: 5 Oct 2004 11:35:01 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      RhinoSoft DNS4ME HTTP Server DoS and CSS
    ------------------------------------------------------------------------

    SUMMARY

     <http://www.dns4me.com/> DNS4Me is "the dynamic DNS service that you need
    to start hosting your own Internet services".

    The RhinoSoft DNS4ME HTTP server is prone to multiple vulnerabilities
    ranging from Cross Site Scripting to Denial of Service.

    DETAILS

    Vulnerable Systems:
     * RhinoSoft.com DNS4Me Web Server version 3.0.0.4 and prior

    Cross Site Scripting:
    It is possible for an attacker to render malicious code in a victims
    browser by sending them a URL to request a document on the server(s),
    which contains A malformed query string.

    http://127.0.0.1/?%3E%3Cscript%3Ealert('XSS')%3C/script%3E

    Any code in the query string will be executed and cause cross site
    scripting.

    Denial of Service:
    RhinoSoft.com DNS4Me Web Server is vulnerable to Denial of Service
    attacks. If a malicious user sends a large amount of data to port 80, or
    the port that the DNS4Me Web Server is running on, it will send the CPU
    usage to 99% and eventually crash the affected server.

    Solution:
    The developers were contacted last month about these issues. They said
    they needed a month to resolve them. It has been one month so users should
    check their website for an update. Also, the RhinoSoft HTTP server may be
    included in other RhinoSoft applications as well. Not sure of this, but
    something for other researchers to look out for.

    ADDITIONAL INFORMATION

    The information has been provided by James Bercegay of the GulfTech
    Security Research Team.
    The original article can be found at:
    <http://www.gulftech.org/?node=research&article_id=00049-09162004>
    http://www.gulftech.org/?node=research&article_id=00049-09162004

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[TOOL] Fakebust - Fake Exploit Code Detector"

    Relevant Pages