Secunia Research: Xeneo Web Server URL Encoding Denial of Service

====================================================================== 

                    Secunia Research 23/04/2003 

         - Xeneo Web Server URL Encoding Denial of Service -

====================================================================== 
Receive Secunia Security Advisories for free: 
http://www.secunia.com/secunia_security_advisories/

====================================================================== 
Table of Contents 
1....................................................Affected Software 
2.............................................................Severity 
3.....................................Vendor's Description of Software 
4.........................................Description of Vulnerability 
5.............................................................Solution 
6...........................................................Time Table 
7..............................................................Credits 
8........................................................About Secunia 
9.........................................................Verification 

====================================================================== 
1) Affected Software 

Xeneo Web Server 2.2.9 and prior. 

====================================================================== 
2) Severity 

Rating:  Moderately critical
Impact:  Denial of Service
Where:   From Remote

====================================================================== 
3) Vendor's Description of Software

"Xeneo Web Server is designed to deliver high performance and
reliability. It can be easily extended and customized to host 
everything from a personal web site to advanced web applications that
use ASP, PHP, ColdFusion, Perl, CGI and ISAPI." 

"Key Xeneo Web Server features include: multiple domain support,
integrated Windows authentication, scripting interface, enhanced 
filter support, ISAPI, CGI, ASP, SSL, intelligent file caching and
more."

Vendor: 
http://www.northernsolutions.com

====================================================================== 
4) Description of Vulnerability

A vulnerability in Xeneo Web Server can be exploited by malicious 
people to cause a DoS (Denial of Service) on the web service.

The vulnerability is caused by an error in the handling of requests 
that include a malformed URL-encoded representation of a character. 
Sending a request like the following causes "xeneo.exe" to crash 
with a runtime error.

Example: 
http://[victim]/%A

The web service needs to be restarted manually before functionality 
is restored.
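As an added defensive illustration (not code from the advisory or from Northern Solutions), the following strict percent-decoder in C reports an incomplete escape such as the "%A" above as malformed instead of consuming bytes past it; the actual defect in xeneo.exe is not described in the advisory, so the failure mode shown is an assumption.

```c
/* Added example, not code from the advisory or from Northern Solutions.
 * A strict percent-decoder: an escape with fewer than two hex digits
 * after '%' (e.g. "%A" at the end of the path) is reported as malformed
 * and never causes a read past the string terminator (assumed failure mode). */
#include <stdio.h>
#include <string.h>

/* Value of a hex digit, or -1 if c is not one (including '\0'). */
static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode NUL-terminated src into dst (dstlen bytes, NUL included).
 * Returns the decoded length, or -1 if src contains a malformed escape
 * or dst is too small. Each byte after '%' is validated before the
 * next one is read, so a truncated escape stops the scan at the NUL. */
int url_decode_strict(const char *src, char *dst, size_t dstlen) {
    size_t n = 0;
    for (size_t i = 0; src[i] != '\0'; i++) {
        int c = (unsigned char)src[i];
        if (c == '%') {
            int hi = hexval((unsigned char)src[i + 1]);
            if (hi < 0) return -1;   /* "%" at end, or followed by non-hex */
            int lo = hexval((unsigned char)src[i + 2]);
            if (lo < 0) return -1;   /* "%A" then NUL or non-hex */
            c = (hi << 4) | lo;
            i += 2;
        }
        if (n + 1 >= dstlen) return -1;
        dst[n++] = (char)c;
    }
    dst[n] = '\0';
    return (int)n;
}

int main(void) {
    /* Constructed sample paths, including the advisory's "/%A". */
    const char *paths[] = { "/index.html", "/a%20b", "/%A", "/%ZZ", "/%" };
    char out[64];
    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++) {
        int r = url_decode_strict(paths[i], out, sizeof out);
        if (r < 0) printf("%-12s -> rejected as malformed\n", paths[i]);
        else       printf("%-12s -> \"%s\" (%d bytes)\n", paths[i], out, r);
    }
    return 0;
}
```

A front-end that validates request paths this way can return 400 for malformed escapes rather than forwarding them to a backend that may not tolerate them.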

====================================================================== 
5) Solution 

The vendor quickly responded by releasing version 2.2.10. 

http://www.northernsolutions.com/index.php?view=product&sec=download&id=1

====================================================================== 
6) Time Table 

22/04/2003 - Vulnerability discovered. 
22/04/2003 - Vendor notified. 
23/04/2003 - Vendor response. 
23/04/2003 - Public disclosure. 

====================================================================== 
7) Credits 

Discovered by Carsten H. Eiram, Secunia Research. 

====================================================================== 
8) About Secunia 

Secunia collects, validates, assesses and writes advisories regarding 
all the latest software vulnerabilities disclosed to the public. 
These advisories are gathered in a publicly available database at the 
Secunia website: 

http://www.secunia.com/

Secunia offers services to our customers that enable them to receive 
all vulnerability information relevant to their specific system 
configuration. 

Secunia offers a FREE mailing list called Secunia Security Advisories: 

http://www.secunia.com/secunia_security_advisories/

====================================================================== 
9) Verification 

Please verify this advisory by visiting the Secunia website: 
http://www.secunia.com/secunia_research/2003-5/

======================================================================