
Ceilidh v2.60a - spawn multiple copies to deplete system resources



Vulnerability

    Ceilidh

Affected

    Microsoft Windows NT v4.0 Workstation (SP6) with Ceilidh v2.60a (build date 3-04-2000)

Description

    The following is based on Delphis Consulting Plc Security Team
    Advisories.  The HTML code which is generated by ceilidh.exe
    (example URL below) contains a hidden form field by the name of
    "translated_path".  This path is the REAL location of the Ceilidh
    files (typically under Web root).  Example URL:

        http://127.0.0.1/cgi-bin/ceilidh.exe/ceilidh/?N4

    By sending a specially crafted POST request it is possible to
    spawn multiple copies of ceilidh.exe, each taking 1% of CPU and
    700k of memory.  The request can be sent multiple times to cause
    resource depletion on the remote host.  To free all the resources
    you must shut down and restart the World Wide Web Publishing
    Service.

Solution

    Currently there is no known solution to the problem.

