Liteserve Buffer Overflow in Handling Server's
Log.
=================================================
PROGRAM:
Liteserve
HOMEPAGE:http://www.cmfperception.com/liteserve.html
VULNERABLE VERSIONS: 2.2 and
below
DESCRIPTION
=================================================
LiteServe
is a powerful, full-featured Web, Mail, FTP, and Telnet server.
This server
software is perfect for personal websites or commercial sites
with high
traffic demands and multiple domains.
DETAILS
=================================================
If LiteServe receives a request with a long file name like
this:
GET /aaaaaaaaaaaaaaaaaaaaaa...htm HTTP/1.0 (the number of "a"
must
be around 1 to 3 thousands, use a fuzzer like SPike to duplicate the
exploit) will cause a buffer overflow when the webmaster sees the
server
log and click on the request using LiteServe
interface.
WORKAROUND
=================================================
Don't
use the LiteServe Interface to view the server's log. Apply
the patch from
vendor.
CREDITS
=================================================
Discovered
by Tri Huynh and Baryaley from Sentry
Union
DISLAIMER
=================================================
The
information within this paper may change without notice. Use of
this
information constitutes acceptance for use in an AS IS condition.
There are
NO warranties with regard to this information. In no event
shall the author
be liable for any damages whatsoever arising out of
or in connection with the
use or spread of this information. Any use
of this information is at the
user's own
risk.
FEEDBACK
=================================================
Please
send suggestions, updates, and comments to: [EMAIL PROTECTED]
|
