Vulnerability

    OmniHTTPd Pro

Affected

    OmniHTTPd Pro

Description

    Following  is  based  on   a  Strumpf  Noir  Society   Advisories.
    OmniHTTPd Pro  is a  powerful all-purpose  industry compliant  web
    server built specifically for the Windows 9x and NT platforms.

    The OmniHTTPd  Pro web  server is  susceptible to  a DoS through a
    lengthy POST request.   If such a  request is made  to the  server
    which exceeds  4111 bytes  in size  the server  process will  die.
    Neither  the  request  or  the  crash  are  recorded in the server
    logfiles.

    This was tested against OmniHTTPd Pro v2.08 on WINNT4.

Solution

    Momentarily no fix for the problem appears forthcoming.