===[ interSEC - Advisory ]=================================[ Adv. ID: 2002-10-001 ]== Advisory Information -------------------- Name : Multiple bugs in Web602 web server Vendor Homepage : http://www.software602.cz Platforms : Windows Vulnerability Type : Multiple bugs Vendor Contacted : 30/08/2002 Vendor Replied : 06/09/2002 Non affected version : 2002.0.02.0916 Vulnerable Versions: v1.xx Product Description ------------------- Web602 is a fully functional http server for windows 95/98/NT. It is easily configurable and is quite easy to use. Bug #1: Free access to /admin/ section without login affected:Czech version all. ------------------- All users have access to /admin/ directory without password. This is only for Czech version. Bug #2: DoS with comX, Aux, LPT affected: 1.04 all Language ------------------- When attacker send GET, POST request with /com1 /aux /lpt1 server crash. example: GET /com1 Bug #3: Directory Tree affected: All version ------------------- When attacker add behind URL char "~" or string ".bak" server return directory tree. example: GET /index.html~ or GET /index.html.bak Solution -------- Install latest version. Latest version without bugs is 2002.0.02.0916 Credits ------- +---------------------------------+ ' Kachlik Jan ' ' Security & Network Specialist ' ' InterSource Solutions Group ' ' Mathonova 25, 613 00 Brno CZ ' ' Mail: jkachlik@isgroup.com ' +---------------------------------+
Attachment:
interSEC-2002-10-001.sa
Description: Binary data
