Lucene search
K

00047-08302004.txt

🗓️ 02 Sep 2004 00:00:00Reported by James BercegayType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 26 Views

Xedus 1.0 P2P web server has vulnerabilities, including denial of service and cross site scripting issues.

Code
`##########################################################  
# GulfTech Security Research August, 30th 2004  
##########################################################  
# Vendor : Jerod Moemeka  
# URL : http://www.thinxoft.com  
# Version : Xedus 1.0  
# Risk : Multiple Vulnerabilities  
##########################################################  
  
Description:  
Xedus is a Peer-to-Peer web server and provides you with the   
ability to share files, music, and any other media, as well   
as create robust and dynamic web sites, which can feature   
database access, file system access, with full .net support.   
Powered by a built in server-side, Microsoft C#, scripting   
language; Xedus boasts the ability to create sites that can   
rival web applications built on any other enterprise servers   
like Apache, IIS, Iplanet. With Xedus, you will never need   
to pay to host your sites again. Using the peer-to-peer mode,   
other members of LIVE can access you site by keyword using  
Internet Explorer even if you do not have a static IP address!  
  
  
  
Denial of Service:  
Xedus Webserver cannot handle multiple connections from the   
same host, and will deny all access to any users after a  
number of connections are made from a malicious user. This  
vulnerability can be leveraged by an attacker to deny all  
requests to a website, thus rendering it inaccessible.  
  
  
  
Cross Site Scripting:  
Xedus Webserver comes with a number of test scripts. These  
test scripts are used to display some of the capabilities of  
the Xedus webserver.   
  
http://host:4274/test.x?username=[XSS]  
http://host:4274/TestServer.x?username=[XSS]  
http://host:4274/testgetrequest.x?param=[XSS]  
  
However, the input received by some of these test scripts are   
not properly sanitized. Because the input is not properly  
sanitized, it allows for an attacker to send a malicious url  
that will then render malicious code in the context of a   
victim's web browser. A quick and easy way to resolve these xss  
issues is to delete the .x files located in the ./sampledocs  
folder of the Xedus Webserver installation.  
  
  
  
Directory Traversal Vulnerability:  
Xedus webserver does not properly sanitize requests sent to the  
server. This vulnerability can be exploited to retrieve arbitrary,   
potentially sensitive files from the hosting computer with the   
privileges of the web server. This may aid a malicious user in   
further attacks.  
  
http://host:4274/../data/log.txt  
http://host:4274/../../../../../boot.ini  
http://host:4274/../../../../../WINNT/repair/sam  
  
It should be noted, that by default the Xedus Webserver listens  
for incoming connections on port 4274, however this value can be  
edited by the administrator of the Xedus webserver.  
  
  
  
Solution:  
I contacted the developers but never received a response. To  
resolve the Cross Site Scripting issue, simply remove the sample  
.x scripts located in the ./sampledocs directory  
  
  
  
Related Info:  
The original advisory can be found at the following location   
http://www.gulftech.org/?node=research&article_id=00047-08302004  
  
  
  
Credits:  
James Bercegay of the GulfTech Security Research Team  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation