[sec-adv] Tornado www-server Multiple Vulnerabilities
From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Thu May 29 2003 - 04:26:07 CDT
TITLE:
Tornado www-server Multiple Vulnerabilities
READ ONLINE:
http://www.secunia.com/advisories/8887/
CRITICAL:
Highly critical
IMPACT:
DoS, System access, Exposure of sensitive information
WHERE:
From remote
SOFTWARE:
Tornado www-server 1.x
DESCRIPTION:
Two vulnerabilities have been identified in Tornado www-server: one
allows malicious people to retrieve any file on the system, the other
to crash the server.
The first is that the path in a request is not validated properly. A
malicious person can supply the path of a file outside the web root,
and the server will return that file.
The second is that Tornado cannot handle requests longer than 471
characters. Such a request crashes the server; it might also be
possible to exploit this to execute arbitrary code.
These vulnerabilities have been reported to exist in version 1.2.
SOLUTION:
Use a proxy server or firewall with URL filtering capabilities to
filter malicious requests, or use another web server.
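As an added illustration (not code from the advisory or from the Tornado project) of the filtering the workaround above relies on, the following Python script rejects the two request classes the description covers: request lines longer than the 471 characters Tornado 1.2 is reported to survive, and paths that resolve outside the web root. The web root /srv/www, the function names and the sample request lines are assumptions constructed for this example.

```python
"""Request-line filter of the kind a URL-filtering proxy in front of the
server would apply. Added example; not Tornado's own code."""
import os
from urllib.parse import unquote, urlsplit

# Figure taken from the advisory: requests longer than this crash Tornado 1.2.
MAX_REQUEST_LINE = 471
# Assumed document root for the example (not from the advisory).
WEB_ROOT = "/srv/www"


def resolve_under_root(web_root, url_path):
    """Map the path part of a request onto the filesystem and return the
    canonical target, or None if it would land outside web_root."""
    # Decode percent-encoding and treat backslashes as separators so that
    # '%2e%2e/' and '..\\' variants are caught as well as plain '../'.
    decoded = unquote(url_path).replace("\\", "/")
    root = os.path.realpath(web_root)
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    # realpath() has already collapsed '..' and followed symlinks, so a
    # containment test on the canonical form is sufficient.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def filter_request(request_line, web_root=WEB_ROOT):
    """Decide whether a raw HTTP request line may be forwarded to the server.
    Returns 'forward' or a string beginning with 'reject:'."""
    # Length check first: the oversized request is the crash trigger, so it
    # must never reach the server regardless of what the path looks like.
    if len(request_line) > MAX_REQUEST_LINE:
        return "reject: request line exceeds %d bytes" % MAX_REQUEST_LINE
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return "reject: malformed request line"
    _method, target, _version = parts
    # Only the path component is mapped to the filesystem; the query string
    # and any scheme/host in a proxy-form target are dropped.
    path = urlsplit(target).path
    if resolve_under_root(web_root, path) is None:
        return "reject: path escapes web root"
    return "forward"


# Constructed sample request lines (not captured traffic).
SAMPLE_REQUESTS = [
    "GET /index.html HTTP/1.0",
    "GET /a/../b.html HTTP/1.0",
    "GET /../../etc/passwd HTTP/1.0",
    "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.0",
    "GET /docs/..\\..\\..\\boot.ini HTTP/1.0",
    "GET /" + "A" * 500 + " HTTP/1.0",
]

if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print("%-36s %s" % (filter_request(line), line[:48]))
```

Run the script directly to see the verdict for each sample line. The containment test is made on the canonical path after percent-decoding and realpath(), which is the check the server itself should be performing; a filter in front of it only catches what it decodes the same way the server does, which is why Secunia lists this as a workaround rather than a fix.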
REPORTED BY / CREDITS:
D4rkGr3y
ORIGINAL ADVISORY:
http://www.dhgroup.org/bugs/adv20.txt
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
----------------------------------------------------------------------