EXPL-A-2006-005 exploitlabs.com Retro Advisory 002 - SHTTPD: SHTTPD is vulnerable to an overly long GET request.
9ecaa0cca2d02c7da5a4e9a9cc79e5eee2bc762ddd43342d7059ab4877555440------------------------------------------------------------
- EXPL-A-2006-005 exploitlabs.com Retro Advisory 002 -
------------------------------------------------------------
- SHTTPD -
AFFECTED PRODUCTS
=================
SHTTPD < v1.34
http://shttpd.sourceforge.net/
OVERVIEW
========
"SHTTPD is a lightweight web server. The main design
goals are the ease of use and the ability to embed.
Ideal for personal use, web-based software demos
(like PHP, Perl etc), quick file sharing.
A care has been taken to make the code secure"
RETRO-RELEASE DATE:
===================
Oct 10, 2005
Duplicate Release: Oct 06, 2006
by: sk0de
http://secunia.com/advisories/22294/
DETAILS
=======
SHTTPD is vulnerable to an overly long GET request.
SOLUTION
========
patch: Upgrade to v1.35
PROOF OF CONCEPT
================
1.start SHTTPD
2.send an overly long GET request
http://[host]/Ax274 chars ( v1.27 - v1.30 )
http://[host]/Ax256 chars ( v1.34 )
v1.31-v1.33 untested
2a.
PoC by Sk0de
http://www.milw0rm.com/exploits/2482
CREDITS
=======
"sk0de - http://secunia.com/advisories/22294/ "
RETRO-CREDITS
=============
This vulnerability was discovered and researched by
Donnie Werner of Exploitlabs. At the original time
of discovery and retro-release date, the author was
not aware of any other advisories or research by 3rd parties.
Donnie Werner
wood@exploitlabs.com
morning_wood@zone-h.org
--
web: http://exploitlabs.com
http://exploitlabs.com/files/advisories/EXPL-A-2006-005-shttpd.txt
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed