lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <9bde05300701230649k2c2b3681hcd9f8b48ec452e1a@mail.gmail.com>
Date: Tue, 23 Jan 2007 15:49:59 +0100
From: "C0r3 1mp4ct" <c0r31mp4ct@...il.com>
To: bugtraq@...urityfocus.com
Subject: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability

Type: Deniel of Service
Severity: Critical
Title: AToZed Software IntraWeb Component for Borland Delphi and Kylix
DoS vulnerability
Date: January 23, 2007

Synopsys
--------

A DoS vulnerability exists in the IntraWeb Component of AToZed Software.

Background
---------

IntraWeb is a RAD component for Borland Delphi and Kylix by AToZed Software,
which allows developers to rapidly develop webapplication.
This component is commonly used by Borland developers internationally.

Description
-----------

DoS conditions occurs, when a specially crafted HTTP request is sent
to the webapplication.
After the request, the affected thread enters into an infinte loop, and hangs.
Under IIS 5.x, the thread will never be stopped.
Under IIS 6 the webserver automatically stops the thread after the
configured amount of time, or CPU usage.

Impact
------

An attack can cause the webapplication to slow down, and after more
specially crafted request, to stop processing requests.

WorkAround
----------

There is no vendor supplied workaround for the problem at this time.

A possible workaround can be, to filter the request body for the
special request, and repair it.
It can be achieved, by overriding the function called
"OnBeforeDispatch" of the TIWServerController object, and repair the
request, by changing the "Request.Content" field.

Affected versions
-----------------

IntraWeb 8.0 and lower versions

Vulnerability timeline
----------------------

2006.08.   - Vendor notified, but no answer
2007.01.23 - Vulnerability publicly available

Discovery is credited to: C0r31mp4ct

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ