SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content.
Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP GET requests. A remote attacker that supplies an overly long URI in a GET request could potentially execute arbitray code in the context of the Kolibri server.
Deploy an alternate web server product or apply a patch when and if it becomes available.
Exploit works against Kolibri Webserver 2.0 running on English versions of Windows XP SP2, Windows 2003 SP2 and Windows 7 SP1.
Windows XP / Windows Server 2003