Kolibri WebServer HTTP GET Request Handling Buffer Overflow

2014-08-07T00:00:00
ID SAINT:E87AE4AF6018B32775EFF3EA40C187E1
Type saint
Reporter SAINT Corporation
Modified 2014-08-07T00:00:00

Description

Added: 08/07/2014
CVE: CVE-2014-4158
BID: 68195
OSVDB: 108090

Background

SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content.

Problem

Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP GET requests. A remote attacker that supplies an overly long URI in a GET request could potentially execute arbitray code in the context of the Kolibri server.

Resolution

Deploy an alternate web server product or apply a patch when and if it becomes available.

References

<http://www.zerodaylab.com/vulnerabilities/CVE-2014/CVE-2014-4158.html>

Limitations

Exploit works against Kolibri Webserver 2.0 running on English versions of Windows XP SP2, Windows 2003 SP2 and Windows 7 SP1.

Platforms

Windows XP / Windows Server 2003
Windows 7