SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Web Server/CGI)  >   MiniShare Vendors:   minishare.sourceforge.net
MiniShare Can Be Crashed By Remote Users With Incomplete HTTP Requests
SecurityTracker Alert ID:  1010291
SecurityTracker URL:  http://securitytracker.com/id/1010291
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 26 2004
Impact:   Denial of service via network
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 1.3.2
Description:   Donato Ferrante reported a vulnerability in MiniShare. A remote user can cause the service to crash.

It is reported that a remote user can send an HTTP GET or HEAD request with one or fewer newline characters to cause the web server to crash.
Impact:   A remote user can cause the web service to crash.
Solution:   No solution was available at the time of this entry. The vendor reportedly plans to issue a fix in the next version.
Vendor URL:  minishare.sourceforge.net/ (Links to External Site)
Cause:   Exception handling error, State error
Underlying OS:   Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Wed, 26 May 2004 13:13:11 -0000
Subject:  DoS in MiniShare 1.3.2


                            Donato Ferrante


Application:  MiniShare
               http://minishare.sourceforge.net/

Version:      1.3.2

Bug:          Denial Of Service

Date:         26-May-2004

Author:       Donato Ferrante
               e-mail: fdonato@autistici.org
               web:    www.autistici.org/fdonato


xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's description:

"MiniShare is meant to serve anyone who has the need to share files
to anyone, doesn't have a place to store the files on the web,
and does not want or simply does not have the skill and possibility
to set up and maintain a complete HTTP-server software such as Apache.
The application is meant to be as easy to use as any common software
most users use daily. However, this doesn't mean experienced users
can't find it useful."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The program is unable to manage some user's requests.
In fact it waits at the end of each request at least two newlines.
So if you send to the webserver a GET or an HEAD request with no or
at most one newline, the webserver will crash.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability send to the webserver a request like:

GET:

1. GET /something HTTP/1.1
-
2. GET /something HTTP/1.1\n
-


HEAD:

1. HEAD /something HTTP/1.1
-
2. HEAD /something HTTP/1.1\n
-


and the webserver will crash.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Vendor was contacted.
Bug will be fixed in the next version.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2012, SecurityGlobal.net LLC