Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

NetSuite 1.02 web server vulnerabilty

From: Phiber <phiber () xatrix org>
Date: Mon, 19 Feb 2001 23:13:43 +0100
Discovered by : Xatrix Security (17/02/2001)
http://www.xatrix.org

Vulnerable Server: Moby Netsuite Web Server
Infected Version: 1.02
Vendor Conacted: YES
~~~~~~~~~~~~~~~~~~~

Description:
- Moby Netsuite web server is free web server for win 9x/NT
which can be downloaded from http://www.mobydisk.com.
It supports CGI scripting and it is easly configurable.

Impact:
- By sending more than 200 charachters it can be crashed ...
(Windows kernel will report that NetSuite has caused an unknown error :)


Example:
www.SITE.com/ [ more than 200 a's]

Solution: Wait for new version of NeSuite web server or a patch.


[ EOF - 18/02/2001 ]

Regards,
-------------------------------------------
- Phiber
"Security is completly theoretical"
Xatrix Security, http://xatrix.org
Previous By Date Next
Previous By Thread Next

Current thread: