Home page logo
/

bugtraq logo Bugtraq mailing list archives

Tornado www-server v1.2: directory traversal, buffer overflow
From: D4rkGr3y <grey_1999 () mail ru>
Date: Thu, 29 May 2003 16:09:45 -0700

-----BEGIN PGP SIGNED MESSAGE-----


################################################################
#                     _____   __   __  ___                     #
#             ........\    \.|  |.|  |/   \........            #
#             :       /     \|  | |  |   __>      :            #
#             :      /   _   \  |_|  |  / __      :            #
#             :     /    /    \      | <_/  \     :            #
#             :..../   _/     /  _   |   `   \....:            #
#                : \_________/__| |__|_______/ :               #
#                :   Damage   Hacking   Group  :               #
#                :      Security  Advisory     :               #
#                :.............................:               #
#                                                              #
#                     http://www.dhgroup.org                   #
#b                                                            d#
##b,________________________________________________________.d##
|                                                              |
  Product: Tornado www-server v1.2
  Authors: www.softrex.com/tornado/
| Vulnerability: multiple bugs                                 |
#--------------------------------------------------------------#
| Overview:                                                    |
  ~~~~~~~~~

  Another one http server
|                                                              |
#--------------------------------------------------------------#
| Problem:                                                     |
  ~~~~~~~~

 This server is one BiG problem. IMHO is most dangerous server.
 Main bug in DNA ;D Attacker may see any files in system (but
 only if he know path and filename), may crash server (and exec
 malicious code) by sending long http request. Examples:

 www.server.com/../existing_file           <-file be showed
 
 www.server.com/aa[more than 471 chars]
|                                                              |
#--------------------------------------------------------------#
| Exploit:                                                     |
  ~~~~~~~~
  
 Naah, its not interesting. Lets authors code something better.
|                                                              |
#--------------------------------------------------------------#
| :wow:                                                        |
   ~~~
   NeKr0 /DHG                                 www.dhgroup.org
|                                                              |
#______________________________________________________________#
 \___________________________da_end___________________________/ 

Best regards               www.dhgroup.org
  D4rkGr3y                    icq 540981



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQCVAwUBPtaTMW4LIpseSJmPAQFU5AP/bO2H6whq/DXFdjYndYthn3sC35RlR6Lh
TF9tuOZyTPzsRwf0wKZEw3ivtyoAKVL3Qn6a+kCC7XE049TViDujQ5ykevkADl41
aA1E+wqV23xZjJfLuDBuJNgl2TbaJop+qYvrE5Rh83k81q4MdGLAuwQkM57M5xch
5JSPz5M1yC0=
=dw5D
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • Tornado www-server v1.2: directory traversal, buffer overflow D4rkGr3y (May 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault