Bugtraq mailing list archives
interSEC security advisory - Multiple bugs in Web602 web server
From: Jan Kachlik <jkachlik () isgroup com>
Date: Fri, 18 Oct 2002 08:29:30 +0200
===[ interSEC - Advisory ]=================================[ Adv. ID: 2002-10-001 ]==
Advisory Information
--------------------
Name : Multiple bugs in Web602 web server
Vendor Homepage : http://www.software602.cz
Platforms : Windows
Vulnerability Type : Multiple bugs
Vendor Contacted : 30/08/2002
Vendor Replied : 06/09/2002
Non-affected version : 2002.0.02.0916
Vulnerable Versions: v1.xx
Product Description
-------------------
Web602 is a fully functional HTTP server for Windows 95/98/NT.
It is easily configurable and quite easy to use.
Bug #1: Free access to /admin/ section without login
Affected: all Czech versions
-------------------
All users have access to the /admin/ directory without a password.
This affects only the Czech version.
Bug #2: DoS with COMx, AUX, LPT
Affected: 1.04, all languages
-------------------
When an attacker sends a GET or POST request for /com1, /aux or /lpt1, the server crashes.
Example: GET /com1
Bug #3: Directory tree
Affected: all versions
-------------------
When an attacker appends the character "~" or the string ".bak" to a URL, the server returns the directory tree.
Example: GET /index.html~ or GET /index.html.bak
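Bugs #2 and #3 are both request-path validation failures: Windows resolves a path component whose name (before the first dot) is a reserved device name such as COM1, AUX or LPT1 to the device itself, and backup suffixes such as "~" and ".bak" name files that should never be served. The following request-path filter is an added example written for this advisory; it is not Web602 code and not from the advisory author. It assumes a server that can classify the request target before touching the filesystem, and the sample request lines are constructed, not taken from real Web602 logs. It goes slightly beyond the advisory by covering the full set of Windows reserved device names, percent-encoded paths, and a few additional backup suffixes.

```python
import re
from urllib.parse import unquote

# Windows reserved device names. A path component whose stem (the part before
# the first dot) matches one of these, in any letter case, refers to the device,
# so "com1", "COM1.txt" and "aux.html" all resolve to the device rather than a file.
_RESERVED = (
    {"CON", "PRN", "AUX", "NUL"}
    | {f"COM{i}" for i in range(1, 10)}
    | {f"LPT{i}" for i in range(1, 10)}
)

# Suffixes that editors and tools append to backup copies of files.
# Bug #3 shows that serving such names exposes content that should stay private,
# so a hardened server refuses them outright. (".old", ".orig" and ".swp" are
# additions beyond the advisory's "~" and ".bak".)
_BACKUP_SUFFIXES = ("~", ".bak", ".old", ".orig", ".swp")


def classify_request_path(path: str) -> str:
    """Return 'ok', 'reserved-device' or 'backup-suffix' for a request target.

    path is the request target as received, e.g. '/com1' or '/index.html~'.
    The query string is dropped and percent-encoding is decoded first so that
    '/%63om1' is checked as '/com1'.
    """
    decoded = unquote(path.split("?", 1)[0])
    # Treat backslash as a separator too, since Windows file APIs do.
    for component in re.split(r"[\\/]+", decoded):
        if not component:
            continue
        # Windows strips trailing spaces and dots when resolving a name,
        # so "com1 ." still names the COM1 device.
        stem = component.rstrip(" .").split(".", 1)[0]
        if stem.upper() in _RESERVED:
            return "reserved-device"
        if component.lower().endswith(_BACKUP_SUFFIXES):
            return "backup-suffix"
    return "ok"


# Constructed sample request lines (method and target), not real Web602 logs.
SAMPLE_REQUESTS = [
    "GET /index.html",
    "GET /com1",
    "POST /aux",
    "GET /docs/LPT1.html",
    "GET /index.html~",
    "GET /index.html.bak",
    "GET /%63om1",
    "GET /images/logo.gif?v=2",
]


def scan_requests(lines):
    """Map each request line to its classification, e.g. for access-log review."""
    results = {}
    for line in lines:
        _method, _, target = line.partition(" ")
        results[line] = classify_request_path(target)
    return results


if __name__ == "__main__":
    for line, verdict in scan_requests(SAMPLE_REQUESTS).items():
        print(f"{verdict:16} {line}")
```

The same classifier serves two purposes: placed in front of the file-serving code it refuses the request before any Windows file API sees a device name, and run over an access log it flags probes for device names and backup files so an operator can confirm whether the patched version is deployed.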
Solution
--------
Install the latest version. The latest version without these bugs is 2002.0.02.0916.
Credits
-------
+---------------------------------+
' Kachlik Jan '
' Security & Network Specialist '
' InterSource Solutions Group '
' Mathonova 25, 613 00 Brno CZ '
' Mail: jkachlik () isgroup com '
+---------------------------------+