Added: 10/10/2014
CVE: CVE-2014-5289
BID: 69263
OSVDB: 110142
SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content.
Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP POST requests. A successful remote attacker could potentially execute arbitray code in the context of the Kolibri server.
Deploy an alternate web server product or apply a patch when and if it becomes available.
<http://www.securityfocus.com/archive/1/533150/30/270/threaded>
Exploit works against Kolibri Webserver 2.0 running on English versions of Windows XP SP2 32-bit, Windows XP SP3 32-bit and Windows 7 32-bit and 64-bit.
Windows XP SP2
Windows XP SP3
Windows 7