Home page logo
/

bugtraq logo Bugtraq mailing list archives

ScriptEase MiniWeb Server DoS Vulnerability
From: "Tamer Sahin" <ts () securityoffice net>
Date: Tue, 19 Feb 2002 21:35:05 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ScriptEase MiniWeb Server DoS Vulnerability

Type:

DoS, crashes Daemon

Release Date:

February 19, 2002

Product / Vendor:

The ScriptEase MiniWeb Server, written entirely in ScriptEase, is
being distributed free by Nombas. This server is not intended to
compete with commercial web servers, rather it is meant to allow you
to easily setup a personal web site and for testing page design and
CGI scripts.

http://www.nombas.com

Summary:

ScriptEase MiniWeb Server is subject to a denial of service.
Submitting a request of unusual length to the host will cause the
server to crash. A restart is required in order to gain normal
functionality.

http://host/AAAAAA...(Ax2000)...AAAAAA

Tested:

Windows 2000 / ScriptEase MiniWeb Server v0.95

Vulnerable:

ScriptEase MiniWeb Server v0.95 (And may be other)

Disclaimer:

http://www.securityoffice.net is not responsible for the misuse or
illegal use of any of the information and/or the software listed on
this security advisory.

Author:

Tamer Sahin
ts () securityoffice net
http://www.securityoffice.net

Tamer Sahin
http://www.securityoffice.net
PGP Key ID: 0x2B5EDCB0

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPHKo57uLpFMrXtywEQKBbACgtrwUc1G8n0o4DIA/rdmSrYLFKHAAoJFY
pc1JjM45gP7RgcgW+HLkC+oP
=ALaR
-----END PGP SIGNATURE-----





  By Date           By Thread  

Current thread:
  • ScriptEase MiniWeb Server DoS Vulnerability Tamer Sahin (Feb 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault