Kolibri+ Webserver 2 Multiple Vulnerabilities

Kolibri+ Webserver 2 suffers from multiple vulnerabilities namely Directory Traversal &  Denial OF Service. Vulnerability was reported on 6th of September 2009 by Xc0re Security Research Group.

http://xc0re.net/index.php?p=1_19_Kolibri+-Webserver-2-multiple-vulnerabilities

An attacker can easily crash the server , or send a crafted http request to escape the root directory and view any file , even outside the root directory.

One thought on “Kolibri+ Webserver 2 Multiple Vulnerabilities

  1. Thanks for downloading and testing Kolibri Webserver.

    Please note that “Kolibri+ is primarily intended for testing, development and demo activities … Kolibri+ is not intended for any serious production use.”

    So Kolibri is not secure for the same reason bicycles don’t have airbags 🙂

    Thanks,
    Fedja S. (senkas.com)

Leave a Reply

Your email address will not be published. Required fields are marked *