Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

DOS Vulnerability in SlimServe HTTPd

From: joetesta () HUSHMAIL COM
Date: Wed, 28 Feb 2001 18:37:44 -0500
----- Begin Hush Signed Message from joetesta () hushmail com -----

DOS Vulnerability in SlimServe HTTPd



    Overview

SlimServe HTTPd v1.1 is a web server available from
http://www.whitsoftdev.com and http://www.download.com.  A DOS
vulnerability exists which allows a remote attacker to crash the server.



    Details

If an extraoridinarily long string ( ~80000 ) of 'A's is sent to the
server in a GET request, the server crashes with the following dump:


SLIMHTTP caused an invalid page fault in
module SLIMHTTP.EXE at 017f:004021db.
Registers:
EAX=ffffffff CS=017f EIP=004021db EFLGS=00010286
EBX=00412678 SS=0187 ESP=00eafa1c EBP=000400a4
ECX=81726914 DS=0187 ESI=00eb0000 FS=3b57
EDX=8172691c ES=0187 EDI=00000068 GS=402e
Bytes at CS:EIP:
8a 06 3c 0d 75 05 c6 06 00 eb 04 3c 0a 74 1a 66
Stack dump:
00eafe99 00eafd5d 00000000 0000000f
00000000 00000001 00000068 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000



    Solution

No quick fix is possible.



    Vendor Status

WhitSoft Development was contacted via <mwhitlock () whitsoftdev com> on
Tuesday, February 20, 2001.  No reply was received.



    - Joe Testa  ( e-mail: joetesta () hushmail com / AIM: LordSpankatron )


----- Begin Hush Signature v1.3 -----
H3rAMdludc/DpXPE5kNn8LvGRgcB1cdUg7sSpMDpvcopVCbBVnSfSmR/k3qQPyv34eDu
e4eddq/4h6ffjOB+LPFKmvMTnpyqe3dqe2+A4Rfi5+0WGhHaPDMB+5nX+vMPu70ZKF+c
SI5hEJ2iBZ3agCBDv2AfPEC8Ybl+RJLJAfPzOwEOr2rZJ2cPr7TOYs71kmD5TV4dDmKf
QKx1mlaUxyjI25R0sxuzLWttnD5+taB3/xc8Iwcskwv3wgjIk9va7Sf88F07rm/tRcNy
9D6n1hFquJ4A8X+9utdWmYDhy3NENunLV4RUYTTiJLvutXfU/G+Be+XxuUoHjX0+d1Ij
IY4soyuV7zzNxsM+uuca4Dsc32v899SLy8e3+qTQI9+8jMx56BVKmXsD3oNFBNbRZaTa
toAM3SJo/jtwvRE96NiiRLKj8Q3Sshnh5y+luSwtUiGcTBRT8qO4okm2boz/XvOzv5sB
fnkJDtcM1MJUoZ627tghfNeCPH+FjCsqLwiAWqGQpTev
----- End Hush Signature v1.3 -----


This message has been signed with a Hush Digital Signature.
To verify the signature, please go to www.hush.com/tools


Free, encrypted, secure Web-based email at www.hushmail.com
Previous By Date Next
Previous By Thread Next

Current thread: