DiGi WWW Server version Compieuw.1 suffers from a DoS vulnerability due to a malformed URL.
b59f8b508b853385cef1f02cb1e03b73784841a4adaa41136efa8c3c2438f65c
Donato Ferrante
Application: DiGi WWW Server
http://wwwserver.sourceforge.net
Version: Compieuw.1
Bug: resources consumption
Date: 27-Apr-2004
Author: Donato Ferrante
e-mail: fdonato@autistici.org
web: www.autistici.org/fdonato
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1. Description
2. The bug
3. The code
4. The fix
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
----------------
1. Description:
----------------
Vendor's Description:
"DiGi WWW Server is a webserver. It is easy-to-use but also supports
access control, virtual folders and multiple ports. You can use plugin
dll's to add extra functionality. The server can run as a GUI
application and as an NT service."
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
2. The bug:
------------
The program has a procedure that makes a conversion, it parses the
request strings replacing all the occurrences of slash with backslash.
So if you send to the webserver a crafted big request full of '/',
the server will be freezed by consuming a lot of CPU resources.
Furthermore it's also possible to freeze the server by sending to it a
long http request.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-------------
3. The code:
-------------
To test the vulnerability, send to the webserver an http request like:
GET /// [ 660 kb of / ] /// HTTP/1.1
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
4. The fix:
------------
Bug fixed in the version Compieuw.2.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx