Bugtraq mailing list archives
Re: MFC ISAPI Framework Buffer Overflow
From: Chris Wysopal <cwysopal () atstake com>
Date: 12 Jul 2002 23:52:11 -0000
In-Reply-To: <001901c228f4$c963fe20$e62d1c41 () kc rr com>

BadBlue (and all vendors who wrote ISAPI extensions with MFC) should recompile with Visual Studio 6.0 SP4 or later. There were serious problems with many ISAPI extensions built with earlier versions of the MFC libraries. 2 problems are documented in Microsoft KB articles:

ISAPI DLLs That Are Built with MFC Static Libraries Are Vulnerable to Denial of Service Attacks (Q310649)
http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q310649

and

FIX: Access Violation in MFC ISAPI with Large Query String (Q216562)
http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q216562

-Chris

Systems Affected: All ISAs written using MFC ISAPI framework
Issue: User-input length values can result in a buffer overflow.
Risk: Critical
Scope: Remote Server Compromise

The MFC ISAPI framework is widely used to build ISAs that run on a multitude of web servers. It has been discovered that the framework relies on user-input values for request member lengths, making it prone to a buffer overrun attack.

When I downloaded my copy of the BadBlue PWS and began to test its bizarre "ext.dll" module for vulnerabilities, I found that a specially malformed POST request:

Current thread:
- MFC ISAPI Framework Buffer Overflow Matthew Murphy (Jul 12)
- <Possible follow-ups>
- Re: MFC ISAPI Framework Buffer Overflow Chris Wysopal (Jul 12)