Savant Web Server 2.0 Denial of Service
Reported December 28, 1999 by USSRLabs
VERSIONS AFFECTED Savant Web Server 2.0 DESCRIPTION
Savant Web Server has a buffer overflow condition caused by appending a NULL character to the end of a URL. The problem causes the server to crash.
The action is logged and looks similar to the entry below:
Attacker Ip - - \[28/Dec/1999:01:11:37 -0600\] "GET /%00/index.htmlindex.htmlindex.htmlindex.htmlindex.htmlindex.htmlindex.
htmlindex.htmlindex.htmlindex.htmlindex.htmlindex.htmlindex.html" 301 279
None known at the time of this writing.
Discovered by USSRLabs