Subject: [w00giving '99 #15] Savant v2.0 web server

Release Date: December 28, 1999

Systems Affected: Savant v2.0 for Win 9X/NT/2K and possibly others

About The Software:
Savant provides support for most modern web features and technologies.


UssrLabs found a vulnerability that would allow someone to crash a Savant
web server by passing a NUL ('\0') character in the GET (HTML) routine.

Example: http://SavantServerIP/%00/

The result of the crash, stored in C:\Savant\Logs\general.txt, looks like:
  Attacker Ip - - [20/Dec/1999:00:10:27 -0300] "GET
  htmlindex.htmlindex.htmlindex.htmlindex.htmlindex.htmlindex.html" 301
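
A check for the log symptom quoted above, as an added Python example that is not part of the original advisory or of Savant. It assumes general.txt holds one entry per line in the layout shown; the function name, the sample lines and their 192.0.2.x addresses are constructed for illustration.

```python
import re

# Assumed layout, based on the entry quoted above:
#   host - - [time] "request" status
ENTRY = re.compile(
    r'^(?P<host>\S+) - - \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3})'
)
# The same fragment of 4+ characters repeated at least three times back to
# back, as in the "htmlindex." run the advisory shows after the crash.
REPEAT = re.compile(r'(.{4,}?)\1{2,}')
# Percent-encoded or raw NUL anywhere in the request.
NUL = re.compile(r'%00|\x00')


def suspicious_entries(lines):
    """Return (line_number, host, reason) for entries matching the advisory's symptoms."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = ENTRY.match(line.strip())
        if not match:
            continue  # not a request entry in the assumed layout
        request = match.group("request")
        if NUL.search(request):
            hits.append((number, match.group("host"), "NUL in request"))
        elif REPEAT.search(request):
            hits.append((number, match.group("host"), "repeated path fragment"))
    return hits


# Constructed sample lines, not taken from a real log. Whether Savant itself
# records the %00 request before crashing is not stated in the advisory.
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Dec/1999:00:09:58 -0300] "GET /index.html HTTP/1.0" 200',
    '192.0.2.44 - - [20/Dec/1999:00:10:27 -0300] '
    '"GET htmlindex.htmlindex.htmlindex.htmlindex.html" 301',
    '192.0.2.44 - - [20/Dec/1999:00:10:31 -0300] "GET /%00/ HTTP/1.0" 400',
    '192.0.2.10 - - [20/Dec/1999:00:11:02 -0300] "GET /docs/docs.html HTTP/1.0" 200',
]

if __name__ == "__main__":
    for number, host, reason in suspicious_entries(SAMPLE_LOG):
        print(f"line {number}: {host}: {reason}")
```
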

Do you do the w00w00?
This advisory also acts as part of w00giving. This is another contribution
to w00giving for all you w00nderful people out there. You do know what
w00giving is don't you?

Vendor Status: Contacted

Program URL:

Because source to Savant isn't public, wait for the vendor to provide a

eEye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

