"Reptile is a web server made in Python. It supports server side
scripting with "Embedded Python", PHP, and CGI scripts. It has an
integrated HTML/XML validator that checks the pages before publication
and others handy features."
The program doesn't well manage the user input string.
In fact it waits the HTTP version. So an attacker can consume a lot of
CPU resources, sending crafted strings.
Application: Reptile Web Server
http://sourceforge.net/projects/reptilews
Version: daily version
Bug: resources consumption
Author: Donato Ferrante
e-mail: fdonato (at) autistici (dot) org [email concealed]
web: www.autistici.org/fdonato
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1. Description
2. The bug
3. The code
4. The fix
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
----------------
1. Description:
----------------
Vendor's Description:
"Reptile is a web server made in Python. It supports server side
scripting with "Embedded Python", PHP, and CGI scripts. It has an
integrated HTML/XML validator that checks the pages before publication
and others handy features."
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
2. The bug:
------------
The program doesn't well manage the user input string.
In fact it waits the HTTP version. So an attacker can consume a lot of
CPU resources, sending crafted strings.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-------------
3. The code:
-------------
To test the vulnerability simply send to the webserver some (about 10)
strings like:
GET index.htm
without specify the HTTP* at the end of the GET request, and where
the requested file must be avaible in the public_html directory.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
4. The fix:
------------
No fix.
Reptile Web Server is no more supported.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[ reply ]