Your advisory : -----snip----- Vulnerability Description - To exploit this vulnerability, simply do a GET / with 4096 ?'s or more will cause the web server to go down. It is not exploitable at this point. -----snip----- Their advisory : -----snip----- The vulnerability is caused due to an error in the handling of requests including a malformed URL encoding representation of a character. By sending a request like the following, "xeneo.exe" will crash with a runtime error. Example: http://[victim]/%A -----snip----- Confirmed the following Url Encording DoS on 2.2.9.0 : http://localhost/%s Regards, GaLiaRePt From: "badpack3t" <badpack3t@security-protocols.com> : > Nice try lamers. I found this vulnerability and published it on April 21. > Try reading your mail lists before sending out advisories. > > Links: > > http://www.security-protocols.com/article.php?sid=1480&mode=thread&order=0 > http://lists.netsys.com/pipermail/full-disclosure/2003-April/009347.html > > --------------------------- > badpack3t > www.security-protocols.com > --------------------------- > > > > ====================================================================== > > > > Secunia Research 23/04/2003 > > > > - Xeneo Web Server URL Encoding Denial of Service - > > > > ====================================================================== > > Receive Secunia Security Advisories for free: > > http://www.secunia.com/secunia_security_advisories/ > > > > ====================================================================== > > Table of Contents > > 1....................................................Affected Software > > 2.............................................................Severity > > 3.....................................Vendor's Description of Software > > 4.........................................Description of Vulnerability > > 5.............................................................Solution > > 6...........................................................Time Table > > 7..............................................................Credits > > 8........................................................About Secunia > > 9.........................................................Verification > > > > ====================================================================== > > 1) Affected Software > > > > Xeneo Web Server 2.2.9 and prior. > > > > ====================================================================== > > 2) Severity > > > > Rating: Moderately critical > > Impact: Denial of Service > > Where: From Remote > > > > ====================================================================== > > 3) Vendor's Description of Software > > > > "Xeneo Web Server is designed to deliver high performance and > > reliability. It can be easily extended and customized to host > > everything from a personal web site to advanced web applications that > > use ASP, PHP, ColdFusion, Perl, CGI and ISAPI." > > > > "Key Xeneo Web Server features include: multiple domain support, > > integrated Windows authentication, scripting interface, enhanced > > filter support, ISAPI, CGI, ASP, SSL, intelligent file caching and > > more." > > > > Vendor: > > http://www.northernsolutions.com > > > > ====================================================================== > > 4) Description of Vulnerability > > > > A vulnerability in Xeneo Web Server can be exploited by malicious > > people to cause a DoS (Denial of Service) on the web service. > > > > The vulnerability is caused due to an error in the handling of > > requests including a malformed URL encoding representation of a > > character. By sending a request like the following, "xeneo.exe" will > > crash with a runtime error. > > > > Example: > > http://[victim]/%A > > > > The web service needs to be restarted manually before functionality is > > restored. > > > > ====================================================================== > > 5) Solution > > > > The vendor quickly responded by releasing version 2.2.10. > > > > http://www.northernsolutions.com/index.php?view=product&sec=download&id=1 > > > > > > ====================================================================== > > 6) Time Table > > > > 22/04/2003 - Vulnerability discovered. > > 22/04/2003 - Vendor notified. > > 23/04/2003 - Vendor response. > > 23/04/2003 - Public disclosure. > > > > ====================================================================== > > 7) Credits > > > > Discovered by badpack3t, www.security-protocols.com. > > > > ====================================================================== > > 8) About Secunia > > > > Secunia collects, validates, assesses and writes advisories regarding > > all the latest software vulnerabilities disclosed to the public. > > These advisories are gathered in a publicly available database at the > > Secunia website: > > > > http://www.secunia.com/ > > > > Secunia offers services to our customers enabling them to receive all > > relevant vulnerability information to their specific system > > configuration. > > > > Secunia offers a FREE mailing list called Secunia Security Advisories: > > > > http://www.secunia.com/secunia_security_advisories/ > > > > ====================================================================== > > 9) Verification > > > > Please verify this advisory by visiting the Secunia website: > > http://www.secunia.com/secunia_research/2003-5/ > > > > ====================================================================== > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Wed Apr 23 2003 - 12:11:03 PDT