thttpd vulnerability NOT the original thttpd - secure web
daemon@ATHENA.MIT.EDU (Fred Cohen)
Fri Jan 12 13:17:44 2001
Message-Id: <200101110511.VAA16545@all.net>
Date: Wed, 10 Jan 2001 21:11:37 -0800
Reply-To: fc@all.net
From: Fred Cohen <fc@ALL.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
thttpd - the trivial http daemon they are talking about here is NOT the
original thttpd that comes with deception toolkit. This server was
proven secure years ago, and while it may reside on computers that are
vulnerable to denial of service attacks, the original thttpd has NO SUCH
VULNERABILITY!
This is the risk of modifying a really secure server - assuming they
didn't just take the name as their own. For the real thttpd, go to
all.net and load it with the rest of Deception Toolkit.
FC
> Advisory Name: Brickserver thttpd DoS and possible risk of buffer overflow
> Release Date: 01/09/2001
> Application: thttpd with modifications added by the vendor
> Platform: Brickserver Small Business Model
> Severity: Attackers can easily crash thttpd and possibly find an
> exploitable buffer overflow
> Author(s): lockdown
> banned-it
> Vendor Status: Sage inc. has been notifie
--
Fred Cohen at Sandia National Laboratories at tel:925-294-2087 fax:925-294-1225
Fred Cohen & Associates: http://all.net - fc@all.net - tel/fax:925-454-0171
Fred Cohen - Practitioner in Residence - The University of New Haven
This communication is confidential to the parties it is intended to serve.
PGP keys: https://all.net/pgpkeys.html - Have a great day!!!