
Title: Vulnerabilities in SmallHTTP Server
Released by: 403-security
Date: 14th November 2000
403-security SECURITY ADVISORY



Product: SmallHTTPServer

Version: 2.01

Author: astral@403-security.org

Homepage: http://www.403-security.org

 

1st Problem:

By default, if a user sends a request without a file name specified (http://host/subdirectory/), HTTPServer will look for index.html in that folder, and if it doesn't exist, it will fill memory with 68K. The directory doesn't need to exist. So anyone can write a small program that sends a lot of requests to fill up memory. (5000 requests will fill 300Mb of memory.)
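An added example, not part of the original advisory: a log-review check for the first problem that counts, per client, requests for directory URLs that returned 404 and estimates the memory retained using the advisory's 68K-per-request figure. The Common Log Format input, the 404 status for a missing index.html, the threshold and the function names are assumptions.

```python
import re
from collections import Counter

# Figure taken from the advisory: memory filled per request for a
# directory URL that has no index.html.
LEAK_PER_REQUEST_KB = 68

# Assumption: the access log is in Common Log Format and the server
# answers 404 when the requested directory has no index.html.
CLF = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

def directory_misses(lines):
    """Count, per client, requests for directory URLs that returned 404."""
    hits = Counter()
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # ignore lines that are not in the assumed format
        path = m.group("path").split("?", 1)[0]
        if path.endswith("/") and m.group("status") == "404":
            hits[m.group("client")] += 1
    return hits

def flag_clients(lines, threshold=3):
    """Return {client: (requests, estimated_kb)} for clients at or above threshold."""
    return {
        client: (n, n * LEAK_PER_REQUEST_KB)
        for client, n in directory_misses(lines).items()
        if n >= threshold
    }

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Nov/2000:10:00:01 +0000] "GET /nodir1/ HTTP/1.0" 404 0',
    '192.0.2.10 - - [14/Nov/2000:10:00:01 +0000] "GET /nodir2/ HTTP/1.0" 404 0',
    '192.0.2.10 - - [14/Nov/2000:10:00:02 +0000] "HEAD /nodir3/ HTTP/1.0" 404 0',
    '192.0.2.10 - - [14/Nov/2000:10:00:02 +0000] "GET /nodir4/?x=1 HTTP/1.0" 404 0',
    '198.51.100.7 - - [14/Nov/2000:10:00:03 +0000] "GET /index.html HTTP/1.0" 200 512',
    '198.51.100.7 - - [14/Nov/2000:10:00:04 +0000] "GET /missing.html HTTP/1.0" 404 0',
    '198.51.100.7 - - [14/Nov/2000:10:00:05 +0000] "GET /docs/ HTTP/1.0" 404 0',
    'truncated line that does not parse',
]

if __name__ == "__main__":
    for client, (n, kb) in flag_clients(SAMPLE_LOG).items():
        print(f"{client}: {n} directory misses, ~{kb}K retained")
```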

 

2nd Problem:

SmallHTTPServer supports Server Side Includes. When HTTPServer finds an SSI tag that looks like this  it will crash. #tag_name can be any of the supported tags (#fsize, #include, #printenv...). In order to execute SSI tags, the file must be *.shtm or *.html.

 

3rd Problem:

This insecure server will crash if an attacker sends a few GET, HEAD or POST requests and closes the connection before the server has answered.

 



Exploit: Maybe ... but still everything is very easy to reproduce.

Fix: The vendor fixed this problem by issuing a new version (2.03).







