Message-ID: <18231.66.192.0.71.1051758967.squirrel@web.axisamerica.com>
From: badpack3t at security-protocols.com (tom ferris)
Subject: MDG Web Server 4D 3.6.0 Buffer Overflow

SP Research Labs Advisory x05
-----------------------------
www.security-protocols.com

Product - MDG Web Server 4D 3.6.0 Buffer Overflow


Download it here:

ftp://ftp.mdg.com/demos/WS4D/Win/WS4D_3.6.0_Full.exe

Date Released - 04/30/2003

Release Mode -

Vendor was notified on 04/27/2003. The vendor did not give me a date for
the updated version.

------------------------------

Product Description from the vendor -

A full featured web server with an integrated database for publishing your
databases on the web for MacOS and WindowsNT.

-------------------------------

Vulnerability Description -

A buffer overflow vulnerability exists within MDG Web Server 4D 3.6.0.
Doing a GET / with 4096 <'s will cause the web server to crash.  Once
the malicious payload has been sent, the web server will crash, giving a
runtime error.  This vulnerability is remotely exploitable.  Exploit is
attached for your pleasure.

Advisory Link -

http://www.security-protocols.com/article.php?sid=1493&mode=thread&order=0

Tested on:

Windows XP Pro SP1
Windows 2000 SP3

-------------------------------


peace out,

-------------------------------
badpack3t
www.security-protocols.com
-------------------------------


-------------- next part --------------
A non-text attachment was scrubbed...
Name: sp-ws4d.c
Type: application/octet-stream
Size: 2716 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030430/60bf9a81/sp-ws4d.obj
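
For defenders, a front-end check for the request shape the advisory describes, as an added example that is not part of the original post or its attachment. The function names and both thresholds are hypothetical, the sample request lines are constructed, and the check assumes the repeated `<` characters arrive in the request target.

```python
# Added example: flag request lines shaped like the one in the advisory.
# Thresholds are assumptions, not values from the advisory; tune per site.
MAX_REQUEST_LINE = 2048  # bytes allowed in "METHOD target HTTP/x.y"
MAX_CHAR_RUN = 256       # longest tolerated run of one repeated byte


def longest_run(data):
    """Return (byte value, length) of the longest run of one repeated byte."""
    best = (0, 0)
    run_byte, run_len = -1, 0
    for b in data:
        run_len = run_len + 1 if b == run_byte else 1
        run_byte = b
        if run_len > best[1]:
            best = (b, run_len)
    return best


def inspect_request_line(line):
    """Return a list of reasons the raw request line (bytes) looks abusive."""
    findings = []
    line = line.rstrip(b"\r\n")
    if len(line) > MAX_REQUEST_LINE:
        findings.append("request line is %d bytes (limit %d)"
                        % (len(line), MAX_REQUEST_LINE))
    byte, run = longest_run(line)
    if run > MAX_CHAR_RUN:
        findings.append("run of %d x %r" % (run, chr(byte)))
    parts = line.split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        findings.append("malformed request line")
    return findings


# Constructed sample input (not captured traffic).
SAMPLES = [
    b"GET /index.html HTTP/1.0\r\n",
    b"GET /search?q=" + b"a" * 100 + b" HTTP/1.0\r\n",
    b"GET /" + b"<" * 4096 + b" HTTP/1.0\r\n",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        reasons = inspect_request_line(raw)
        verdict = "BLOCK" if reasons else "ok"
        print(verdict, raw[:24], "...", "; ".join(reasons))
```

Run in a reverse proxy or log pipeline ahead of the unpatched server, the same two limits reject the oversized request before it reaches the vulnerable parser.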
