TITLE:
thttpd "defang()" Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA10092

VERIFY ADVISORY:
http://www.secunia.com/advisories/10092/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
thttpd 2.x

DESCRIPTION:
A vulnerability has been reported in thttpd, which can be exploited
by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the "defang()"
function when handling certain input. This can be exploited to cause
a buffer overflow by supplying specially crafted input containing
multiple "<" and ">" characters.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been reported in versions 2.21 through 2.23b1.

SOLUTION:
Update to version 2.24:
http://www.acme.com/software/thttpd/thttpd-2.24.tar.gz

REPORTED BY / CREDITS:
Joel Soderberg and Christer Oberg, Texonet.

ORIGINAL ADVISORY:
http://www.texonet.com/advisories/TEXONET-20030908.txt

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web	: http://www.secunia.com/
E-mail	: support@secunia.com
Tel	: +45 7020 5144
Fax	: +45 7020 5145

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://www.secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org

----------------------------------------------------------------------