[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Resources consumption in Reptile webserver daily version
From: "Donato Ferrante" <fdonato () autistici ! org>
Date: 2004-01-24 17:41:40
Message-ID: 006801c3e2a1$55b679e0$72bb623e () BlueHell
[Download RAW message or body]
Donato Ferrante
Application: Reptile Web Server
http://sourceforge.net/projects/reptilews
Version: daily version
Bug: resources consumption
Author: Donato Ferrante
e-mail: fdonato@autistici.org
web: www.autistici.org/fdonato
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1. Description
2. The bug
3. The code
4. The fix
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
----------------
1. Description:
----------------
Vendor's Description:
"Reptile is a web server made in Python. It supports server side
scripting with "Embedded Python", PHP, and CGI scripts. It has an
integrated HTML/XML validator that checks the pages before publication
and others handy features."
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
2. The bug:
------------
The program doesn't well manage the user input string.
In fact it waits the HTTP version. So an attacker can consume a lot of
CPU resources, sending crafted strings.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-------------
3. The code:
-------------
To test the vulnerability simply send to the webserver some (about 10)
strings like:
GET index.htm
without specify the HTTP* at the end of the GET request, and where
the requested file must be avaible in the public_html directory.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
4. The fix:
------------
No fix.
Reptile Web Server is no more supported.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic