SecurityTracker.com
Category:  Application (Web Server/CGI)  >  DiGi WWW Server
Vendors:  Burge, Chris
DiGi WWW Server Can Be Crashed By Remote Users
SecurityTracker Alert ID:  1009957
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Apr 27 2004
Impact:  Denial of service via network
Fix Available:  Yes   Exploit Included:  Yes   Vendor Confirmed:  Yes  
Version(s): Compieuw.1
Description:  Donato Ferrante reported a denial of service vulnerability in the DiGi WWW Server. A remote user can cause the web service to consume excessive CPU resources or hang.

It is reported that a remote user can send a specially crafted HTTP request whose path contains a very large number of '/' characters. The server converts each '/' in the request to '\' before processing it, and on such a request this conversion consumes excessive CPU resources.

It is also reported that a remote user can send a long HTTP request to cause the web service to freeze.

A demonstration exploit request is provided:

GET /// [ 660 kb of / ] /// HTTP/1.1

Impact:  A remote user can cause the web service to consume excessive CPU resources or freeze.
Solution:  The vendor has released a fixed version (Compieuw.2), available at:

http://wwwserver.sourceforge.net/dwn.html

Vendor URL:  wwwserver.sourceforge.net/
Cause:  Input validation error
Underlying OS:  Windows (Any)
Reported By:  Donato Ferrante <fdonato@autistici.org>
Message History:   None.
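The two conditions described above (a request path made almost entirely of '/' that makes the slash-to-backslash conversion burn CPU, and an over-long request line that hangs the service) are illustrated in the following added C example. This is code written for this page, not DiGi WWW Server source, and the rescanning conversion loop is one plausible way such a routine becomes quadratic rather than a claim about how DiGi implements it. The 8192-byte request-line cap, the function names and the sample request lines are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap for this example; DiGi's own limit (if any) is not documented here. */
#define MAX_REQUEST_LINE 8192

/* One way a "replace every '/' with '\' " routine goes super-linear: each
 * iteration searches from the start of the buffer again, so the k-th slash is
 * found only after walking past the k-1 bytes already converted.  On a path of
 * k slashes that is k*(k+1)/2 byte comparisons.  Returns the number of bytes
 * examined so the cost is measurable. */
static size_t slashes_to_backslashes_rescan(char *path)
{
    size_t examined = 0;
    char *p;
    while ((p = strchr(path, '/')) != NULL) {
        examined += (size_t)(p - path) + 1;
        *p = '\\';
    }
    return examined;
}

/* Single forward pass: exactly strlen(path) bytes examined. */
static size_t slashes_to_backslashes_linear(char *path)
{
    size_t examined = 0;
    for (char *p = path; *p != '\0'; ++p, ++examined)
        if (*p == '/')
            *p = '\\';
    return examined;
}

/* Cost of each routine on a constructed path of n consecutive slashes. */
static size_t rescan_cost(size_t n)
{
    char *path = malloc(n + 1);
    if (path == NULL) return 0;
    memset(path, '/', n);
    path[n] = '\0';
    size_t cost = slashes_to_backslashes_rescan(path);
    free(path);
    return cost;
}

static size_t linear_cost(size_t n)
{
    char *path = malloc(n + 1);
    if (path == NULL) return 0;
    memset(path, '/', n);
    path[n] = '\0';
    size_t cost = slashes_to_backslashes_linear(path);
    free(path);
    return cost;
}

/* Build "GET " + n slashes + " HTTP/1.1", the shape of the advisory's request.
 * The caller frees the result. */
static char *make_slash_request(size_t n_slashes)
{
    const char *pre = "GET ", *post = " HTTP/1.1";
    size_t plen = strlen(pre);
    char *buf = malloc(plen + n_slashes + strlen(post) + 1);
    if (buf == NULL) return NULL;
    memcpy(buf, pre, plen);
    memset(buf + plen, '/', n_slashes);
    strcpy(buf + plen + n_slashes, post);
    return buf;
}

/* Validate a request line before doing any per-byte work on it.
 * Returns 0 and writes the normalised path into path_out on success,
 * 414 (Request-URI Too Long) if the line or the path exceeds the cap,
 * 400 (Bad Request) if the line lacks the "METHOD SP TARGET SP VERSION" shape. */
static int check_request_line(const char *line, char *path_out, size_t path_cap)
{
    /* Length scan bounded by the cap: an oversized line costs O(cap), not O(len). */
    size_t len = 0;
    while (len <= MAX_REQUEST_LINE && line[len] != '\0')
        len++;
    if (len > MAX_REQUEST_LINE) return 414;

    const char *sp1 = strchr(line, ' ');
    if (sp1 == NULL) return 400;
    const char *sp2 = strchr(sp1 + 1, ' ');
    if (sp2 == NULL) return 400;
    size_t plen = (size_t)(sp2 - (sp1 + 1));
    if (plen == 0 || sp1[1] != '/') return 400;   /* origin-form target starts with '/' */
    if (plen + 1 > path_cap) return 414;

    memcpy(path_out, sp1 + 1, plen);
    path_out[plen] = '\0';
    slashes_to_backslashes_linear(path_out);      /* only now touch every byte */
    return 0;
}

/* Status for a 660 kB slash request like the advisory's: rejected as 414
 * without converting a single byte. */
static int advisory_request_status(void)
{
    char path[MAX_REQUEST_LINE + 1];
    char *req = make_slash_request(660 * 1024);
    if (req == NULL) return -1;
    int rc = check_request_line(req, path, sizeof path);
    free(req);
    return rc;
}

/* 1 if an ordinary request line is accepted and its path normalised to "\a\b". */
static int normal_request_ok(void)
{
    char path[MAX_REQUEST_LINE + 1];
    return check_request_line("GET /a/b HTTP/1.1", path, sizeof path) == 0
        && strcmp(path, "\\a\\b") == 0;
}

int main(void)
{
    printf("rescan cost for 1000 slashes: %zu bytes examined\n", rescan_cost(1000));
    printf("linear cost for 1000 slashes: %zu bytes examined\n", linear_cost(1000));
    printf("advisory-style request -> HTTP %d\n", advisory_request_status());
    printf("GET /a/b -> %s\n", normal_request_ok() ? "accepted" : "rejected");
    return 0;
}
```

The point of the cap is that it bounds the work an unauthenticated client can force before any parsing happens: the 660 kB request never reaches the conversion routine, and for requests that do pass, a single linear pass replaces the rescanning loop so the cost grows with the path length rather than with the square of the number of slashes.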


 Source Message Contents

Date:  Tue, 27 Apr 2004 17:35:56 -0000
From:  Donato Ferrante <fdonato@autistici.org>
Subject:  resources consumption in DiGi WWW Server

 


                            Donato Ferrante


Application:  DiGi WWW Server
               http://wwwserver.sourceforge.net

Version:      Compieuw.1

Bug:          resources consumption

Date:         27-Apr-2004

Author:       Donato Ferrante
               e-mail: fdonato@autistici.org
               web:    www.autistici.org/fdonato



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"DiGi WWW Server is a webserver. It is easy-to-use but also supports
access control, virtual folders and multiple ports. You can use plugin
dll's to add extra functionality. The server can run as a GUI
application and as an NT service."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The program has a procedure that makes a conversion: it parses the
request strings, replacing all occurrences of slash with backslash.

So if you send the webserver a crafted big request full of '/',
the server will freeze, consuming a lot of CPU resources.


Furthermore, it is also possible to freeze the server by sending it a
long HTTP request.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability, send the webserver an HTTP request like:


GET /// [ 660 kb of / ] /// HTTP/1.1



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Bug fixed in the version Compieuw.2.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx



Copyright 2004, SecurityGlobal.net LLC