VeriSign, Inc.® US Home | Worldwide Sites | Site Map
Products & Services Solutions Support About VeriSign Login for existing VeriSign customers
You Are Here: US Home > VeriSign iDefense Security Intelligence Service > Current Intelligence > Vulnerability Advisories > 2002 > 11.04.02

Denial of Service Vulnerability in Xeneo Web Server

I. BACKGROUND

Northern Solutions' Xeneo Web Server is a "fast, compact web server that makes it easy to set up and administer a web site on the Windows platform." More information about the application is available at http://www.northernsolutions.com/index.php?view=product&id=1.

II. DESCRIPTION

Due to the improper handling of a specially crafted web request, remote attackers may launch a denial of service attack against the PHP version of Xeneo. The condition is triggered when the web server receives a request for '%'. Upon successful exploitation, the web server will crash with a Microsoft Visual C++ runtime error message. The following is an example attack URL:

http://target.server/%

III. ANALYSIS

Any remote user with access to the application can launch this attack, thereby denying legitimate users access to the server and the contents and/or additional services provided.

IV. DETECTION

Xeneo 2.1.0.0 (PHP version) and 2.0.759.6 are vulnerable.

V. WORKAROUND

Use a filtering web proxy server to help mitigate against exploitation.

VI. VENDOR FIX

Xeneo 2.1.5 and later should fix the problem. The latest release is version 2.1.6.0, and it can be downloaded at http://www.northernsolutions.com/downloads/xeneo_php_setup.exe.

VII. CVE INFORMATION

The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project assigned the identification number CAN-2002-1248 to this issue.

VIII. DISCLOSURE TIMELINE

10/06/2002 Issue disclosed to iDEFENSE
10/31/2002 Author notified
10/31/2002 iDEFENSE clients notified
10/31/2002 Response received from Robert Shanahan (rshan@northernsolutions.com)
11/04/2002 Public disclosure


IX. CREDIT

Tamer Sahin (ts@securityoffice.net) discovered this vulnerability.


Need more information?
Speak with a service representative at 650-426-5310 Request information online


Contact Us
Please contact sales at
650-426-5310 or
submit your inquiry online.
VeriSign iDefense Security Intelligence Service
Security Intelligence Service Levels
Alerts, Reports, and Briefings
Methodology
Research and Response Teams
Current Intelligence
Topical Research Reports
Vulnerability Advisories
Malicious Code Advisories
Information Center
Security Intelligence Webcasts
Proactive Security Intelligence
Intelligence for Patch Management
Early Threat Warning
Contact Us Careers Legal Notices Privacy Repository ©1995-2007 VeriSign, Inc. All rights reserved.
Products & Services  :  Solutions  :  Support  :  About VeriSign  :  Existing Customers
US Home  :  Worldwide Sites  :  Site Map  :  Search
VeriSign (Nasdaq: VRSN) operates intelligent infrastructure services that enable and protect billions of interactions across the world's voice and data networks. VeriSign offerings include SSL Certificates, two-factor authentication, identity protection, managed network security, public key infrastructure (PKI), security consulting, information management, as well as solutions for intelligent communications, commerce, and content. VeriSign is also building next-generation service offerings for emerging opportunities such as RFID-enabled supply chains, VoIP technology, and digital-content distribution over mobile and broadband networks.