Subject: [w00giving '99 #13] ZBSoft's ZBServer 1.5 Pro Edition

Release Date: December 23, 1999

Systems/Versions Affected: ZBServer 1.5 Pro Edition (possibly others) for Win98/NT

About The Software:
ZBServer Pro Edition is a full-featured Internet server software package that includes HTTP, Gopher, FTP, and Chat services.

THE PROBLEM

UssrLabs has found a remote buffer overflow in the code that handles the GET command. There is an unchecked buffer that will allow arbitrary code to be executed if it is overflowed.

Do you do the w00w00?
This advisory also acts as part of w00giving. This is another contribution to w00giving for all you w00nderful people out there. You do know what w00giving is don't you?
http://www.w00w00.org/advisories.html

Binary or source for this exploit: http://www.ussrback.com

Vendor Status: Notified with no response

Program URL: http://www.zbsoft.com/zbserver/index.htm

SOLUTION

Because the vendor doesn't release source code, wait for them to provide a patch.

Greetings: eEye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic, and Wiretrip

u n d e r g r o u n d   s e c u r i t y   s y s t e m s   r e s e a r c h
http://www.ussrback.com
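
Added example, not part of the original advisory and not ZBServer code (the product is closed source): a sketch of the length check a GET handler needs before copying the request target into a fixed buffer, which is the check the advisory says is missing. The function name, result codes and TARGET_MAX limit are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TARGET_MAX 256 /* assumed buffer size for this example */

enum parse_result { PARSE_OK = 200, PARSE_BAD = 400, PARSE_TOO_LONG = 414 };

/* Hypothetical helper: extract <target> from "GET <target> HTTP/x.y".
 * line is the raw bytes received (not assumed NUL-terminated), line_len
 * their count. The unchecked pattern this replaces is a strcpy()/sprintf()
 * of the target into a fixed-size stack buffer. */
int parse_get_target(const char *line, size_t line_len, char *out, size_t out_len)
{
    static const char method[] = "GET ";
    const size_t mlen = sizeof(method) - 1;

    if (out == NULL || out_len == 0)
        return PARSE_BAD;
    out[0] = '\0'; /* caller never sees stale data on failure */
    if (line == NULL || line_len <= mlen || memcmp(line, method, mlen) != 0)
        return PARSE_BAD;

    const char *start = line + mlen;
    size_t remaining = line_len - mlen;
    size_t n = 0;

    /* Measure the target first; nothing is copied until it is known to fit. */
    while (n < remaining && start[n] != ' ' && start[n] != '\r' && start[n] != '\n') {
        if (start[n] == '\0')
            return PARSE_BAD; /* embedded NUL in the request line */
        n++;
    }
    if (n == 0)
        return PARSE_BAD;
    if (n >= out_len)
        return PARSE_TOO_LONG; /* reject instead of truncating or overflowing */

    memcpy(out, start, n);
    out[n] = '\0';
    return PARSE_OK;
}

int main(void)
{
    const char req[] = "GET /index.htm HTTP/1.0\r\n"; /* constructed sample */
    char target[TARGET_MAX];
    int rc = parse_get_target(req, sizeof(req) - 1, target, sizeof(target));
    printf("%d %s\n", rc, target);
    return 0;
}
```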