Bugtraq mailing list archives
Savant 3.0 web server vulnerability
From: Phiber <phiber () xatrix org>
Date: Fri, 9 Mar 2001 00:12:44 +0100
Vendor Name: Savant Product: Savant 3.0 web server Discoverd by: Xatrix Url: www.xatrix.org 1. About software Savant web server has been written by Michael Lamont (http://savant.sourceforge.com) it is very configurable freeware http deamon for win95/98. It's current version is 3.0 2. Full Detail It is known that you can crash Savant web server 2.1 and 2.0 by sending something like this '%00'(that was discoverd by Ussr), and it was fixed in version 3.0 but something like that is still present in 3.0; by sending something like (e.g.) www.web_server_that_runs_on_SAVANT.com/%%% web server can be crashed. 3. Closing word I hope that vendor will proved patch,or meybe release new version of web server which will be immune to this type of DoS. Hello goes to Ussr team for discovering this problem long time ago ... "Stay informed, visit XatriX security" >> www.xatrix.org <<
Current thread:
- Savant 3.0 web server vulnerability Phiber (Mar 09)