Northern Solutions' Xeneo Web Server is a "fast, compact web server that makes it easy to set up and administer a web site on the Windows platform." More information about the application is available at http://www.northernsolutions.com/index.php?view=product&id=1.
Due to the improper handling of a specially crafted web request, remote attackers may launch a denial of service attack against the PHP version of Xeneo. The condition is triggered when the web server receives a request for '%'. Upon successful exploitation, the web server will crash with a Microsoft Visual C++ runtime error message. The following is an example attack URL:
http://target.server/%
Any remote user with access to the application can launch this attack, thereby denying legitimate users access to the server, its content, and any additional services it provides.
Xeneo 2.1.0.0 (PHP version) and 2.0.759.6 are vulnerable.
Use a filtering web proxy server in front of Xeneo to help mitigate exploitation by dropping malformed requests such as this one before they reach the server.
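As an illustration of the kind of check a filtering proxy would apply to the request described above, the following is an added example; it is not code from iDEFENSE or from Northern Solutions, and it is not part of the advisory. It goes beyond the single request the advisory names: rather than matching only a bare '%', it flags any request-target containing a '%' that is not followed by two hexadecimal digits, which is the class of malformed percent-encoding the trigger request belongs to. The function and variable names and the sample request lines are this example's own constructed assumptions.

```python
import re

# A '%' that is NOT followed by two hex digits is a malformed percent-escape.
# The advisory's trigger, a request for '%', is the simplest instance.
MALFORMED_ESCAPE = re.compile(r'%(?![0-9A-Fa-f]{2})')


def has_malformed_escape(target: str) -> bool:
    """True if the request-target contains a '%' not followed by two hex digits."""
    return MALFORMED_ESCAPE.search(target) is not None


def parse_request_line(line: str):
    """Split an HTTP/1.x request line into (method, target, version).

    Returns None when the line does not have the three-token shape
    'METHOD target HTTP/x.y'.
    """
    parts = line.strip().split(' ')
    if len(parts) != 3:
        return None
    method, target, version = parts
    if not version.startswith('HTTP/'):
        return None
    return method, target, version


def should_block(line: str) -> bool:
    """Filter decision for one request line.

    Blocks when the line is not a parsable request line at all, or when its
    target carries a malformed percent-escape. Everything else is passed on.
    """
    parsed = parse_request_line(line)
    if parsed is None:
        return True
    _, target, _ = parsed
    return has_malformed_escape(target)


def filter_requests(lines):
    """Return (line, 'block' | 'allow') for each request line, in order."""
    return [(line, 'block' if should_block(line) else 'allow') for line in lines]


# Constructed sample request lines (not captured traffic). The first has the
# shape of the advisory's trigger; the rest cover valid escapes, a truncated
# escape, a non-hex escape, and a line that is not a request line at all.
SAMPLE_REQUEST_LINES = [
    "GET /% HTTP/1.0",
    "GET /index.php?view=product&id=1 HTTP/1.1",
    "GET /files/report%20final.pdf HTTP/1.1",
    "GET /a%2 HTTP/1.1",
    "GET /a%zz HTTP/1.1",
    "garbage",
]

if __name__ == '__main__':
    for line, decision in filter_requests(SAMPLE_REQUEST_LINES):
        print(f"{decision:5s}  {line}")
```

Placing the check on the request-target before URL-decoding is the point: the server's fault is in handling the raw '%', so the filter has to decide on the raw bytes of the request line, not on a decoded path.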
Xeneo 2.1.5 and later should fix the problem. The latest release is version 2.1.6.0, and it can be downloaded at http://www.northernsolutions.com/downloads/xeneo_php_setup.exe.
The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project assigned the identification number CAN-2002-1248 to this issue.
10/06/2002 Issue disclosed to iDEFENSE
10/31/2002 Author notified
10/31/2002 iDEFENSE clients notified
10/31/2002 Response received from Robert Shanahan (rshan@northernsolutions.com)
11/04/2002 Public disclosure
Tamer Sahin (ts@securityoffice.net) discovered this vulnerability.