The Sambar web server version 4.3 Beta 2 is vulnerable to a remote buffer overflow. DoS example included.
Remote attack on Sambar Server 4.3 Beta 2
It is possible to crash Sambar Server by causing a buffer overflow.
The attack isn't recorded in the logs.
You can make the attack by connecting to the remote server on port 80,
by telnet or any other program you find.
You can do it by connecting to the remote server on port 80, writing "get"
and keep pressing Enter until the connection is lost (you should press and
not release the Enter key).
A faster way to do it is by connecting to the server and entering these
commands:
get
get
g
g
g
Return-Path: <sashal@surfree.net.il>
Date: Tue, 07 Dec 1999 20:52:08 +0200
Subject: Sambar Server 4.3 BETA 2 Bug
It is possible to totally destroy the server by overflowing it.
When the attack is made, the part of Sambar that controls port 80 is
damaged and becomes useless.
The attack is made from your browser; you should connect to the server at
this URL:
www.sambar.com/session/adminlogin?RCpage=/sysadmin/index.stm (where
www.sambar.com is the name of your Sambar server).
When it asks for a username/password, enter a very long username and password
(over 256 chars); you will know that it's long enough when you can no longer
see what you typed. You must enter it in both username and password.
Repeat this process for some time (about 5-10 times); you won't see any
result, but the next time the server is started it will show a message box
that says: "Failure initilazing server, see server.log".