Tripbit Security Advisory | TA-210603 |
Severity:
|
Medium/High |
Application: |
Twilight WebServer v1.3.3.0 |
Platform: |
Windows |
Class: |
Insufficient Boundary Checking |
Release
Date: |
June 20th, 2003 |
Vendor:
|
http://www.twilightutilities.com |
Twilight
Internet Web Server features: - Installs in seconds - Lets you INSTANTLY share pictures and files - Modem aware - Automates telling friends and family when you start serving - Automatically integrates your web camera - Allows others to send files to you - Automatically generates web pages - Supports file resume - A truly unique files-sharing tool |
A
security vulnerability in Twilight WebServer allows remote attackers to
crash the server by sending two and too long GET requests with a size
of 1052 bytes and more for each request. |
Upgrade your Twilight WebServer to the new fixed version v.1.3.4.0. This
version is available at http://www.twilightutilities.com.
|
The
vendor has been notified. He didn't answer to our report, but
since yesterday there is a new fixed version available for download. |
The
information within this paper may change without notice. Use of this information
constitutes acceptance for use in an 'AS IS' condition. There are 'NO'
warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is
at the user's own risk. |
This
vulnerability has been found and researched by: posidron posidron@tripbit.org rushjo rushjo@tripbit.org |
You
can find the latest version of this warning under the following URL: http://www.tripbit.org/advisories/TA-210603.html |