Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow

2014-10-10T00:00:00
ID SAINT:0B5447FA11383658BFD1DBC57F43B9CC
Type saint
Reporter SAINT Corporation
Modified 2014-10-10T00:00:00

Description

Added: 10/10/2014
CVE: CVE-2014-5289
BID: 69263
OSVDB: 110142

Background

SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content.

Problem

Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP POST requests. A successful remote attacker could potentially execute arbitray code in the context of the Kolibri server.

Resolution

Deploy an alternate web server product or apply a patch when and if it becomes available.

References

<http://www.securityfocus.com/archive/1/533150/30/270/threaded>

Limitations

Exploit works against Kolibri Webserver 2.0 running on English versions of Windows XP SP2 32-bit, Windows XP SP3 32-bit and Windows 7 32-bit and 64-bit.

Platforms

Windows XP SP2
Windows XP SP3
Windows 7