OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: joetestaHUSHMAIL.COM
Date: Tue Jan 30 2001 - 14:41:52 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    DOS Vulnerability in SlimServe HTTPd

        Overview

    SlimServe HTTPd v1.0 is a web server available from http://www.whitsoftdev.com
    and http://www.download.com. A DOS vulnerability exists which allows a
    remote
    attacker to crash the server.

        Details

    If an extraoridinarily long string of 'A's is sent to the server in a GET
    request, the server crashes with the following dump:

    SLIMHTTP caused an invalid page fault in
    module SLIMHTTP.EXE at 017f:004021db.
    Registers:
    EAX=ffffffff CS=017f EIP=004021db EFLGS=00010286
    EBX=00412794 SS=0187 ESP=00eafa1c EBP=000400a4
    ECX=8173ac0c DS=0187 ESI=00eb0000 FS=228f
    EDX=8173ac14 ES=0187 EDI=00000068 GS=0000
    Bytes at CS:EIP:
    8a 06 3c 0d 75 05 c6 06 00 eb 04 3c 0a 74 1a 66
    Stack dump:
    00eafe99 00eafd5d 00000000 0000000f
    00000000 00000001 00000068 00000000
    00000000 00000000 00000000 00000000
    00000000 00000000 00000000 00000000

        Solution

    No quick fix is possible.

        Vendor Status

    WhitSoft Development was contacted via <mwhitlockwhitsoftdev.com> on
    Sunday, January 28, 2001. This was the response I received:

    > I appreciate your taking the time to alert me to the presence of this
    bug.
    > However, I can't do anything to fix it right now, as I have no time for
    > programming.
    >
    > Matt Whitlock

            - Joe Testa ( joetestahushmail.com )

    IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages.
    Get your FREE, totally secure email address at http://www.hushmail.com.