Re: Denial of Service in Xitami webserver all versions...

2000-04-05T00:00:00
ID SECURITYVULNS:DOC:13
Type securityvulns
Reporter Securityvulns
Modified 2000-04-05T00:00:00

Description

Xitami also has an overflow in one of the default example CGI programs that it comes with.

http://server.com/cgi-bin/TESTCGI.EXE bla bla bla overflow argv fun.

Signed, Marc eEye Digital Security http://www.eEye.com

"Its a bullshit, three ring, circus sideshow. The only way to fix it is to flush it all away."

-----Original Message----- | From: VULN-DEV List [mailto:VULN-DEV@SECURITYFOCUS.COM]On Behalf Of | Simon | Sent: Tuesday, April 04, 2000 12:52 PM | To: VULN-DEV@SECURITYFOCUS.COM | Subject: Re: Denial of Service in Xitami webserver all versions... | | | -----BEGIN PGP SIGNED MESSAGE----- | Hash: SHA1 | | VULN-DEV, how-do-you-do! | | I received a response from IMATIX after forwarding the posts from | VULN-DEV re remotely crashing Xitami webserver by sending | simple GET | command. They immediately released 2.4d7 with fix. Also, they have | said that they will now change default install behaviour | of Xitami to | not allow anon FTP logins. | | | -- | | Slбn anois, | | Sнomуn Breathnach | | | Obiter dictum: Entia non sunt multiplicanda praeter necessitatem. | | | ------------------------------>>><><<<------------------------------ | | How To Get In Touch | v===v===v===v===v===v===v | Send Email To: simon@infowizard.co.uk | Fax & Voicemail: 01792 540900 (+44) | | Pretty Good Privacy | v===v===v===v===v===v===v | PGP: http://www.pgp.com | Public Key: http://www.netbanger.com/pgp/pubkey.shtml | Key Server: ldap://certserver.pgp.com | | Very Useful Links | v===v===v===v===v===v===v | The Bat!: http://www.ritlabs.com/the_bat/index.html | Notetab: http://www.notetab.com | | | ------------------------------>>><><<<------------------------------ | | | >>Anyone can remotely crash Xitami webserver by sending simple GET | >>command. On remote side will be: | >> | >>Assertion Failed! | >>Module: D:\Imatix\Develop\Smt\Smthttpl.c , line 745 | >> | >>All you need to do is just telnet to remote computer and execute | >>GET<space><enter><enter> command. Also Xitami will crash if | you'll execute | >>POST<space><enter><enter> or HEAD<space><enter><enter> command. | >> | >> | >>There is another DoS in Xitami. By default installation Xitami | >>allows anonymous users on ftp. So connect to remote computer as | >>anonymous user and execute cd con/con command. | >>----------------------------- | >> | >>romanv@citycat.ru | > | >Tried to bring it down from a remote account which failed, got std http | >error msg back. | >Version Xitami 2.4d1 on Winx, set up for this one on http 8080, without | >authorisation or ipmasks. | > | >Are you sure it ain't because you used a beta version? | >Or did you test some previous versions as well? | >Is it in the console or the std. version? | >Did you compile it yourself or did you get a precompiled version? | > | > | >Questions, questions... | > | >Cheers, Mitch. | | -----BEGIN PGP SIGNATURE----- | Version: PGP 6.5i | Comment: Privacy is freedom. Protect your freedom with PGP. | | iQA/AwUBOOpHxctub/5cfolmEQIpxgCg6s4xL6BxSHg6d1bwacBlFTb7dqAAn3rQ | QH+S43I03/WV3n5rHJVcgbcO | =eyM3 | -----END PGP SIGNATURE----- |