COMMAND

    counter.exe

SYSTEMS AFFECTED

    counter.exe 2.70 (IIS, WebSite Pro)

PROBLEM

    Mnemonix found the following.  A denial of service exists in
    counter.exe version 2.70, a fairly popular web hit counter used on
    the Win32 platform with web servers such as IIS and WebSite Pro.
    There are two different bugs:

    1) When someone requests:

        http://no-such-server-really/scripts/counter.exe?%0A

       this will create an entry in counter.log of a blank line then
       a ",1".  If the person then refreshes their browser and
       requests it again, you get an Access Violation in counter.exe:
       the instruction at 0x00414c0a referenced memory at 0x00000000.

    2) When someone requests:

        http://no-such-server-really/scripts/counter.exe?AAAAAover-2200-As

       you get a similar problem, though not a buffer overrun.

    Whilst counter.exe is in a state of "hanging", all other valid
    requests for the counter are queued and not dealt with until
    someone goes to the console and okays the AV messages.  In
    addition, memory can be consumed if the page is continuously
    requested.

SOLUTION

    No response from author.
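
    With no fix from the author, one way to spot both request patterns
    described under PROBLEM in web server logs is sketched below.  This
    is an added example, not part of the original advisory; the W3C
    extended log layout, the field names and the sample lines are
    constructed assumptions, and the check flags any encoded CR/LF in
    the query string, which generalizes the single %0A case.

```python
from urllib.parse import unquote

LONG_QUERY = 2200  # the advisory reports the hang with "over 2200" characters

# Constructed sample in W3C extended log format (not real traffic).
SAMPLE_LOG = "\n".join([
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "1999-01-01 10:00:00 192.0.2.10 GET /scripts/counter.exe page=index 200",
    "1999-01-01 10:00:05 192.0.2.66 GET /scripts/counter.exe %0A 200",
    "1999-01-01 10:00:06 192.0.2.66 GET /scripts/counter.exe %0A 500",
    "1999-01-01 10:00:09 192.0.2.77 GET /scripts/counter.exe " + "A" * 2300 + " 500",
    "1999-01-01 10:00:12 192.0.2.10 GET /default.htm - 200",
])


def classify(query):
    """Return why a counter.exe query string is suspicious, or None."""
    if query == "-":                 # W3C logs write "-" for an empty field
        return None
    if len(query) > LONG_QUERY:      # bug 2: oversized query string
        return "long-query"
    decoded = unquote(query)         # assumes the log keeps percent-encoding
    if "\n" in decoded or "\r" in decoded:
        return "newline-in-query"    # bug 1: %0A ends up in counter.log
    return None


def scan(log_text, script="/scripts/counter.exe"):
    """Return a list of (client_ip, reason) for suspicious counter requests."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]    # column order comes from the log itself
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split(" ")))
        if row.get("cs-uri-stem", "").lower() != script:
            continue
        reason = classify(row.get("cs-uri-query", "-"))
        if reason:
            hits.append((row.get("c-ip"), reason))
    return hits


if __name__ == "__main__":
    for ip, reason in scan(SAMPLE_LOG):
        print(ip, reason)
```

    The same two conditions can be used as a request filter in front of
    the script, rejecting matching query strings before they reach
    counter.exe.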