Northern Solutions' Xeneo Web Server is a "fast, compact web server that makes it easy to set up and administer a web site on the Windows platform." More information about the application is available at http://www.northernsolutions.com/index.php?view=product&id=1.
Due to the improper handling of a specially crafted web request, remote attackers may launch a denial of service attack against the PHP version of Xeneo. The condition is triggered when the web server receives a request for '%'. Upon successful exploitation, the web server will crash with a Microsoft Visual C++ runtime error message. The following is an example attack URL:
Any remote user with access to the application can launch this attack, thereby denying legitimate users access to the server and the contents and/or additional services provided.
Xeneo 220.127.116.11 (PHP version) and 2.0.759.6 are vulnerable.
Use a filtering web proxy server to help mitigate against exploitation.
Xeneo 2.1.5 and later should fix the problem. The latest release is version 18.104.22.168, and it can be downloaded at http://www.northernsolutions.com/downloads/xeneo_php_setup.exe.
The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project assigned the identification number CAN-2002-1248 to this issue.
10/06/2002 Issue disclosed to iDEFENSE
10/31/2002 Author notified
10/31/2002 iDEFENSE clients notified
10/31/2002 Response received from Robert Shanahan (email@example.com)
11/04/2002 Public disclosure
Tamer Sahin (firstname.lastname@example.org) discovered this vulnerability.