From da@securityfocus.com Wed Jul 10 18:45:52 2002 From: Dave Ahmad To: bugtraq@securityfocus.com Date: Mon, 8 Jul 2002 15:59:27 -0600 (MDT) Subject: Foundstone Advisory - Buffer Overflow in MyWebServer (fwd) ---------- Forwarded message ---------- Return-Path: Delivered-To: da@securityfocus.com Received: (qmail 7643 invoked from network); 8 Jul 2002 21:57:16 -0000 Received: from unknown (HELO mission.foundstone.com) (66.192.0.2) by mail.securityfocus.com with SMTP; 8 Jul 2002 21:57:16 -0000 X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: Foundstone Advisory - Buffer Overflow in MyWebServer Date: Mon, 8 Jul 2002 15:03:44 -0700 Message-ID: <9DC8A3D37E31E043BD516142594BDDFAC475B2@MISSION.foundstone.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Foundstone Advisory - Buffer Overflow in MyWebServer Thread-Index: AcImy1QmoQ4mhAPnTnaAiGRmcRu0VQ== From: "Foundstone Labs" To: ---------------------------------------------------------------------- FS Advisory ID: FS-070302-24-MWSX Release Date: July 3rd, 2002 Product: MyWebServer Vendor: MyWebServer (http://www.mywebserver.org) Vendor Advisory: See vendor web site Type: Buffer Overflow Severity: High Author: Robin Keir (robin.keir@foundstone.com) Foundstone, Inc. (http://www.foundstone.com) Operating Systems: Windows variants Vulnerable versions: MyWebServer v1.02 and previous Foundstone Advisory: http://www.foundstone.com/advisories.htm --------------------------------------------------------------------- Description A buffer overflow exists in versions 1.02 and previous of MyWebServer. Exploitation of this vulnerability allows remote execution of arbitrary code with daemon privileges. Details Sending a GET request containing a URL of approx. 1000 characters or more causes MyWebServer to crash. Exploitation is possible and proof of concept code has been authored demonstrating this problem. Solution: Refer to the vendor's web site for further details: http://www.mywebserver.org Disclaimer: The information contained in this advisory is copyright (c) 2002 Foundstone, Inc. and is believed to be accurate at the time of publishing, but no representation of any warranty is given, express, or implied as to its accuracy or completeness. In no event shall the author or Foundstone be liable for any direct, indirect, incidental, special, exemplary or consequential damages resulting from the use or misuse of this information. This advisory may be redistributed, provided that no fee is assigned and that the advisory is not modified in any way.