#####################################################* # Damage Hacking Group security advisory # www.dhgroup.org #####################################################* #Product: AN HTTPd server #Authors: [www.st.rim.or.jp] #Vulnerability: DoS, CSS, 'real patch' attack ######################################################* #Overview#--------------------------------------------------------------# This is Japanez http-server for win32-platforms. U can download it from www.st.rim.or.jp. #Problem#---------------------------------------------------------------# (1) real patch attack: http://www.vuln_host.com/[script]?aaaaaa..[1kb]...aaaaaa Where [script] - any cgi\batch script. (2) CSS: http://www.vuln_host.com/[script]?<h1>HACKED</h1>aaaa..[up_to_1kb]..aaaa (3) DoS: http://www.vuln_host.com/aux.cgi?aaaa..[1kb]..aaaa AN HTTPd will return error "broken pipe" every time, when somebody will execute any cgi\batch scripts on it. #Fix#--------------------------------------------------------------------# Download Apache or OmniHTTPd :) #Exploit#----------------------------------------------------------------# ------ #EOF Best regards www.dhgroup.org D4rkGr3y icq 540981
