Secunia

Some vulnerabilities have been reported in GoAhead WebServer, which can be exploited by malicious people to cause a DoS (Denial of Service) or to disclose sensitive information.

1) The server fails to handle certain invalid HTTP POST requests where the value specified in the "Content-Length" header is larger than the actual amount of data. This can be exploited to cause the server process to enter an infinite loop consuming 100% CPU resources.

2) An error in the processing of requests where slashes are replaced by "\", "%5c", or combinations hereof, can be exploited to disclose the source of executable files in "cgi-bin" and potentially to gain access to files in restricted folders.

3) An unspecified error can be exploited to gain access to arbitrary files on the system. No further information is currently available.

The vulnerabilities have been reported in version 2.1.8 and prior.

Solution
Update to version 2.5.

Provided and/or discovered by
1, 2) Luigi Auriemma
3) Daniel Peck of Digital Bond, reported via US-CERT.

Changelog
Further details available in Customer Area

Original Advisory
Luigi Auriemma:
http://aluigi.altervista.org/adv/goahead-adv1.txt
http://aluigi.altervista.org/adv/goahead-adv2.txt

US-CERT:
http://www.kb.cert.org/vuls/id/124059

Deep Links
Links available in Customer Area