SecurityTracker.com
Category:   Application (Web Server/CGI)  >   Xeneo Web Server
Vendors:   Northern Solutions
Xeneo PHP Web Server URL Encoding Input Validation Bug Lets Remote Users Crash the Web Service
SecurityTracker Alert ID:  1006631
SecurityTracker URL:  http://securitytracker.com/id/1006631
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Apr 23 2003
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): 2.2.9 and prior versions
Description:   A denial of service vulnerability was reported in the Xeneo Web Server from Northern Solutions. A remote user can cause the web service to crash.

Secunia Research reported that a remote user can send a specially crafted URL containing a malformed percent-encoded character (a '%' followed by only a single hex digit instead of the required two) to cause the web service to crash. A demonstration exploit URL is provided:

http://[target]/%A

A manual restart is required to return the web service to normal operations.
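The defensive fix for this class of bug is to validate every percent escape before decoding it. The following is an added example, not Xeneo's or Secunia's code: a strict percent-decoder in C that rejects a truncated or non-hex escape such as the `%A` in the URL above (and an escaped NUL) and maps the failure to a 400 response instead of letting the request reach later handling; `url_decode_strict` and `request_status` are hypothetical names.

```c
#include <stdio.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hexval(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode src into dst (dst_len bytes incl. NUL). Every '%' must be followed
 * by exactly two hex digits. Returns decoded length, -1 for a malformed
 * escape ("%A", "%", "%4G") or an escaped NUL, -2 if dst is too small. */
int url_decode_strict(const char *src, char *dst, size_t dst_len)
{
    size_t out = 0;
    for (size_t i = 0; src[i] != '\0'; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c == '%') {
            /* Test each following byte for NUL before reading past it. */
            int hi = src[i + 1] ? hexval((unsigned char)src[i + 1]) : -1;
            int lo = (hi >= 0 && src[i + 2]) ? hexval((unsigned char)src[i + 2]) : -1;
            if (hi < 0 || lo < 0) return -1;   /* truncated or non-hex escape */
            c = (unsigned char)(hi * 16 + lo);
            if (c == 0) return -1;             /* %00 would truncate the path */
            i += 2;
        }
        if (out + 1 >= dst_len) return -2;     /* no room for byte plus NUL */
        dst[out++] = (char)c;
    }
    dst[out] = '\0';
    return (int)out;
}

/* What a hardened handler answers: 400 for a malformed path, else 200. */
int request_status(const char *raw_path)
{
    char path[256];
    return url_decode_strict(raw_path, path, sizeof path) < 0 ? 400 : 200;
}

int main(void)
{
    /* Constructed sample request paths, including the advisory's "/%A". */
    const char *reqs[] = { "/index.html", "/%41", "/%A", "/%", "/%4G" };
    for (size_t k = 0; k < sizeof reqs / sizeof reqs[0]; k++)
        printf("%-12s -> %d\n", reqs[k], request_status(reqs[k]));
    return 0;
}
```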

Impact:   A remote user can cause the web service to crash.
Solution:   The vendor has released a fixed version (2.2.10.0), available at:

http://www.northernsolutions.com/index.php?view=product&id=1&sec=download

Vendor URL:  www.northernsolutions.com/index.php?view=product&id=1
Cause:   Input validation error
Underlying OS:   Windows (Any)

Message History:   None.


 Source Message Contents

Date:  23 Apr 2003 09:49:56 +0200
Subject:  [Full-Disclosure] Secunia Research: Xeneo Web Server URL Encoding Denial of Service


====================================================================== 

                       Secunia Research 23/04/2003 

          - Xeneo Web Server URL Encoding Denial of Service -

====================================================================== 
Receive Secunia Security Advisories for free: 
http://www.secunia.com/secunia_security_advisories/ 

====================================================================== 
Table of Contents 
1....................................................Affected Software 
2.............................................................Severity 
3.....................................Vendor's Description of Software 
4.........................................Description of Vulnerability 
5.............................................................Solution 
6...........................................................Time Table 
7..............................................................Credits 
8........................................................About Secunia 
9.........................................................Verification 

====================================================================== 
1) Affected Software 

Xeneo Web Server 2.2.9 and prior. 

====================================================================== 
2) Severity 

Rating:  Moderately critical 
Impact:  Denial of Service 
Where:   From Remote 

====================================================================== 
3) Vendor's Description of Software

"Xeneo Web Server is designed to deliver high performance and
reliability. It can be easily extended and customized to host 
everything from a personal web site to advanced web applications that
use ASP, PHP, ColdFusion, Perl, CGI and ISAPI." 

"Key Xeneo Web Server features include: multiple domain support,
integrated Windows authentication, scripting interface, enhanced 
filter support, ISAPI, CGI, ASP, SSL, intelligent file caching and
more." 

Vendor: 
http://www.northernsolutions.com

====================================================================== 
4) Description of Vulnerability 

A vulnerability in Xeneo Web Server can be exploited by malicious 
people to cause a DoS (Denial of Service) on the web service. 

The vulnerability is caused by an error in the handling of 
requests including a malformed URL encoding representation of a 
character. By sending a request like the following, "xeneo.exe" will 
crash with a runtime error. 

Example: 
http://[victim]/%A 

The web service needs to be restarted manually before functionality 
is restored. 

====================================================================== 
5) Solution 

The vendor quickly responded by releasing version 2.2.10. 

http://www.northernsolutions.com/index.php?view=product&sec=download&id=1 

====================================================================== 
6) Time Table 

22/04/2003 - Vulnerability discovered. 
22/04/2003 - Vendor notified. 
23/04/2003 - Vendor response. 
23/04/2003 - Public disclosure. 

====================================================================== 
7) Credits 

Discovered by Carsten H. Eiram, Secunia Research. 

====================================================================== 
8) About Secunia 

Secunia collects, validates, assesses and writes advisories regarding 
all the latest software vulnerabilities disclosed to the public. 
These advisories are gathered in a publicly available database at the 
Secunia website: 

http://www.secunia.com/

Secunia offers services to our customers enabling them to receive all 
relevant vulnerability information to their specific system 
configuration. 

Secunia offers a FREE mailing list called Secunia Security Advisories: 

http://www.secunia.com/secunia_security_advisories/

====================================================================== 
9) Verification 

Please verify this advisory by visiting the Secunia website: 
http://www.secunia.com/secunia_research/2003-5/

======================================================================
