Application: ITAfrica's WEBactive version 1.00
Problem Type: Denial of Service
Platform(s): Windows 95/NT
Vendor Status: Not Informed, Project discontinued(I think)
Download URL: ftp://ftp.mira.net/mirrors/winsock-l/Windows95/Daemons/HTTPD/activ100.zip
WEBactive HTTP Server 1.00 is an HTTP/1.00-compliant World Wide Web server daemon for
Windows 95 or Windows NT, specifically designed for the SOHO (Small Office/Home)
environment. It will operate on any TCP/IP connection to the Internet, whether via temporary
dial-up or permanent leased-line connectivity.
The problem is with bounds checking, when you request 280 characters Webactiv.exe just shuts down.
*Also* by simply requesting /Active.log, you can view the webserver log, because Active.log is
the default logfile name and the default directory is where that file is stored.
Heh, this server was discontinued as far as I see... it is rather dated and doesn't support much.
Seeing as it was last revised in 1996, i think contacting the vendor would be rather meaningless... Also the fact that it is HTTP/1.00-compliant kind of hints it is no longer being updated.
Lamagra, Scrippie, eth0, Cruciphux/HWA and many others...