AnalogX SimpleServer:WWW 1.03 DoS Vulnerability
BID:1076
Info
AnalogX SimpleServer:WWW 1.03 DoS Vulnerability
| Bugtraq ID: | 1076 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 25 2000 12:00AM |
| Updated: | Mar 25 2000 12:00AM |
| Credit: | Posted to Bugtraq on March 25, 2000 by Presto Chango <[email protected]>. |
| Vulnerable: |
AnalogX SimpleServer:WWW 1.0.3 |
| Not Vulnerable: |
AnalogX SimpleServer:WWW 1.0.4 |
Discussion
AnalogX SimpleServer:WWW 1.03 DoS Vulnerability
Requesting a URL containing a string of exactly eight characters following the /cgi-bin/ directory (17 characters in total) will cause AnalogX SimpleServer:WWW to shut down.
Requesting a URL containing a string of exactly eight characters following the /cgi-bin/ directory (17 characters in total) will cause AnalogX SimpleServer:WWW to shut down.
Exploit / POC
AnalogX SimpleServer:WWW 1.03 DoS Vulnerability
http://target/cgi-bin/<8 character long string>
http://target/cgi-bin/<8 character long string>
Solution / Fix
AnalogX SimpleServer:WWW 1.03 DoS Vulnerability
Solution:
AnalogX has released SimpleServer:WWW 1.0.4 which rectifies this issue.
AnalogX SimpleServer:WWW 1.0.3
Solution:
AnalogX has released SimpleServer:WWW 1.0.4 which rectifies this issue.
AnalogX SimpleServer:WWW 1.0.3
-
AnalogX Simple Server WWW 1.04
http://www.analogx.com/files/sswwwi.exe