Simpleserver:WWW is a freely available web server from AnalogX. Simpleserver:WWW is designed to provide an easy to use web server with a friendly interface.
A problem with the web server could lead to a Denial of Service to legitimate users. By connecting to the web server, and requesting an HTTP GET of the /aux directory, the web server ceases operation. A watchdog process or manual restart of the web server process is required.
Therefore, it is possible for remote users to deny service to legitimate users of the web server.
telnet vulnerable.web.server 80
then hit return twice
AnalogX SimpleServer:WWW /aux Directory Request Parsing Remote DoS
Remote / Network Access
Denial of Service
Loss of Availability
AnalogX SimpleServer:WWW contains a flaw that allows a remote attacker to crash the service. The issue is due to improper checking of GET requests made to the server. If a remote user requests a URL with a conventional DOS device name such as "aux", they may crash the server.
Upgrade to version 1.13 or higher, as it has been reported to fix this
vulnerability. An upgrade is required as there are no known workarounds.