iMatix's Xitami Web Server Allows Remote Users to Crash the Web Server
SecurityTracker Alert ID: 1001348|
SecurityTracker URL: http://securitytracker.com/id/1001348
(Links to External Site)
Date: Apr 18 2001
Denial of service via network|
Exploit Included: Yes |
Version(s): 2.5d4, 2.4d7; possibly earlier versions|
It is reported that iMatix's Xitami web server contains a vulnerability that allows remote users to crash the web server.|
If a remote user requests a DOS device via an HTTP request, the server may crash. An example URL is: http://[targethost]/aux
The author of the report notes that some computers crash after this request but others do not and instead provide no indication of error but may not work properly. If the server crashes (for Windows98/Me), the host must be rebooted.
The vendor has reportedly been notified.
A remote user can cause the host to crash.|
No solution was available at the time of this entry.|
Vendor URL: www.imatix.com/html/xitami/index.htm (Links to External Site)
|Underlying OS: Windows (Me), Windows (NT), Windows (95), Windows (98)|
This archive entry has one or more follow-up message(s) listed below.|
Source Message Contents
Subject: Advisory for Xitami 2.4d7, 2.5d4|
[ Advisory for Xitami 2.4d7, 2.5d4 ]
[ Xitami is made by Imatix. ]
[ Site: http://xitami.com ]
[ by nemesystm of the DHC ]
[ (http://dhcorp.cjb.net - firstname.lastname@example.org) ]
[ ADV-0105 ]
Xitami is a webserver. It has a denial of service.
/-|=[who is vulnerable]=|-\
Anyone running Xitami 2.5d4, 2.4d7 and presumably
earlier on a Windows 98/Millennium operating system.
To test this vulnerability, try the following.
send a request like this one:
some computers crash after this request.
Others seem to continue working, but when trying to
browse the website or logging into the FTP server it
fails. Sometimes a refresh of the main page even
works, but no other links work.
Trying to close the server by hitting the terminate
button fails as well, meaning you'll have to
Because some computers do not crash completely or give
any error messages this is dangerous as things seem
to be normal at first glance.
Not known at the moment, vendor was contacted and said
they would look into it. Over a week has gone by and nothing.
Free, encrypted, secure Web-based email at www.hushmail.com