SecurityTracker.com Archives - MiniShare Can Be Crashed By Remote Users With Incomplete HTTP Requests

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Web Server/CGI) > MiniShare

Vendors: minishare.sourceforge.net

MiniShare Can Be Crashed By Remote Users With Incomplete HTTP Requests

SecurityTracker Alert ID: 1010291

SecurityTracker URL: http://securitytracker.com/id?1010291

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: May 26 2004

Impact: Denial of service via network

Exploit Included: Yes Vendor Confirmed: Yes

Version(s): 1.3.2

Description: Donato Ferrante reported a vulnerability in MiniShare. A remote user can cause the service to crash.

It is reported that a remote user can send an HTTP GET or HEAD request with one or fewer newline characters to cause the web server to crash.

Impact: A remote user can cause the web service to crash.

Solution: No solution was available at the time of this entry. The vendor reportedly plans to issue a fix in the next version.

Vendor URL: minishare.sourceforge.net/ (Links to External Site)

Cause: Exception handling error, State error

Underlying OS: Windows (Any)

Reported By: Donato Ferrante <fdonato@autistici.org>

Message History: None.

Source Message Contents

Date: Wed, 26 May 2004 13:13:11 -0000
From: Donato Ferrante <fdonato@autistici.org>
Subject: DoS in MiniShare 1.3.2

 

                            Donato Ferrante


Application:  MiniShare
               http://minishare.sourceforge.net/

Version:      1.3.2

Bug:          Denial Of Service

Date:         26-May-2004

Author:       Donato Ferrante
               e-mail: fdonato@autistici.org
               web:    www.autistici.org/fdonato


xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's description:

"MiniShare is meant to serve anyone who has the need to share files
to anyone, doesn't have a place to store the files on the web,
and does not want or simply does not have the skill and possibility
to set up and maintain a complete HTTP-server software such as Apache.
The application is meant to be as easy to use as any common software
most users use daily. However, this doesn't mean experienced users
can't find it useful."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The program is unable to manage some user's requests.
In fact it waits at the end of each request at least two newlines.
So if you send to the webserver a GET or an HEAD request with no or
at most one newline, the webserver will crash.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability send to the webserver a request like:

GET:

1. GET /something HTTP/1.1
 
2. GET /something HTTP/1.1\n
 


HEAD:

1. HEAD /something HTTP/1.1
 
2. HEAD /something HTTP/1.1\n
 


and the webserver will crash.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Vendor was contacted.
Bug will be fixed in the next version.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2004, SecurityGlobal.net LLC