Vulnerability Development mailing list archives
Denial of Service in Xitami webserver all versions up to v2.5b1 for Windows.
From: webmad () MAIL RU (Roman)
Date: Wed, 29 Mar 2000 19:37:07 +0200
Anyone can remotely crash Xitami webserver by sending simple GET command. On remote side will be: Assertion Failed! Module: D:\Imatix\Develop\Smt\Smthttpl.c , line 745 All you need to do is just telnet to remote computer and execute GET<space><enter><enter> command. Also Xitami will crash if you'll execute POST<space><enter><enter> or HEAD<space><enter><enter> command. There is another DoS in Xitami. By default installation Xitami allows anonymous users on ftp. So connect to remote computer as anonymous user and execute cd con/con command. ----------------------------- romanv () citycat ru
Current thread:
- Denial of Service in Xitami webserver all versions up to v2.5b1 for Windows. Roman (Mar 29)