[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <00fd01c309c1$9a307170$0300a8c0@goliath>
Date: Wed, 23 Apr 2003 19:55:43 +0200
From: "GaLiaRePt" <galiarept@...eaker.net>
To: <badpack3t@...urity-protocols.com>, <che@...unia.com>
Cc: <vulnwatch@...nwatch.org>,
<FullDisclosure@...urity-protocols.com>,
<full-disclosure@...ts.netsys.com>, <bugtraq@...urityfocus.com>
Subject: [VulnDiscuss] Re: [Full-Disclosure] Secunia Research: Xeneo Web Server URL Encoding Denial of Service
Your advisory :
-----snip-----
Vulnerability Description -
To exploit this vulnerability, simply do a GET / with 4096 ?'s or more
will cause the web server to go down. It is not exploitable at this
point.
-----snip-----
Their advisory :
-----snip-----
The vulnerability is caused due to an error in the handling of
requests including a malformed URL encoding representation of a
character. By sending a request like the following, "xeneo.exe" will
crash with a runtime error.
Example:
http://[victim]/%A
-----snip-----
Confirmed the following Url Encording DoS on 2.2.9.0 : http://localhost/%s
Regards,
GaLiaRePt
From: "badpack3t" <badpack3t@...urity-protocols.com> :
> Nice try lamers. I found this vulnerability and published it on April 21.
> Try reading your mail lists before sending out advisories.
>
> Links:
>
> http://www.security-protocols.com/article.php?sid=1480&mode=thread&order=0
> http://lists.netsys.com/pipermail/full-disclosure/2003-April/009347.html
>
> ---------------------------
> badpack3t
> www.security-protocols.com
> ---------------------------
>
>
> > ======================================================================
> >
> > Secunia Research 23/04/2003
> >
> > - Xeneo Web Server URL Encoding Denial of Service -
> >
> > ======================================================================
> > Receive Secunia Security Advisories for free:
> > http://www.secunia.com/secunia_security_advisories/
> >
> > ======================================================================
> > Table of Contents
> > 1....................................................Affected Software
> > 2.............................................................Severity
> > 3.....................................Vendor's Description of Software
> > 4.........................................Description of Vulnerability
> > 5.............................................................Solution
> > 6...........................................................Time Table
> > 7..............................................................Credits
> > 8........................................................About Secunia
> > 9.........................................................Verification
> >
> > ======================================================================
> > 1) Affected Software
> >
> > Xeneo Web Server 2.2.9 and prior.
> >
> > ======================================================================
> > 2) Severity
> >
> > Rating: Moderately critical
> > Impact: Denial of Service
> > Where: From Remote
> >
> > ======================================================================
> > 3) Vendor's Description of Software
> >
> > "Xeneo Web Server is designed to deliver high performance and
> > reliability. It can be easily extended and customized to host
> > everything from a personal web site to advanced web applications that
> > use ASP, PHP, ColdFusion, Perl, CGI and ISAPI."
> >
> > "Key Xeneo Web Server features include: multiple domain support,
> > integrated Windows authentication, scripting interface, enhanced
> > filter support, ISAPI, CGI, ASP, SSL, intelligent file caching and
> > more."
> >
> > Vendor:
> > http://www.northernsolutions.com
> >
> > ======================================================================
> > 4) Description of Vulnerability
> >
> > A vulnerability in Xeneo Web Server can be exploited by malicious
> > people to cause a DoS (Denial of Service) on the web service.
> >
> > The vulnerability is caused due to an error in the handling of
> > requests including a malformed URL encoding representation of a
> > character. By sending a request like the following, "xeneo.exe" will
> > crash with a runtime error.
> >
> > Example:
> > http://[victim]/%A
> >
> > The web service needs to be restarted manually before functionality is
> > restored.
> >
> > ======================================================================
> > 5) Solution
> >
> > The vendor quickly responded by releasing version 2.2.10.
> >
> >
http://www.northernsolutions.com/index.php?view=product&sec=download&id=1
> >
> >
> > ======================================================================
> > 6) Time Table
> >
> > 22/04/2003 - Vulnerability discovered.
> > 22/04/2003 - Vendor notified.
> > 23/04/2003 - Vendor response.
> > 23/04/2003 - Public disclosure.
> >
> > ======================================================================
> > 7) Credits
> >
> > Discovered by badpack3t, www.security-protocols.com.
> >
> > ======================================================================
> > 8) About Secunia
> >
> > Secunia collects, validates, assesses and writes advisories regarding
> > all the latest software vulnerabilities disclosed to the public.
> > These advisories are gathered in a publicly available database at the
> > Secunia website:
> >
> > http://www.secunia.com/
> >
> > Secunia offers services to our customers enabling them to receive all
> > relevant vulnerability information to their specific system
> > configuration.
> >
> > Secunia offers a FREE mailing list called Secunia Security Advisories:
> >
> > http://www.secunia.com/secunia_security_advisories/
> >
> > ======================================================================
> > 9) Verification
> >
> > Please verify this advisory by visiting the Secunia website:
> > http://www.secunia.com/secunia_research/2003-5/
> >
> > ======================================================================
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists