Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

MDG Web Server 4D 3.6.0 Buffer Overflow

From: "tom ferris" <badpack3t () security-protocols com>
Date: Wed, 30 Apr 2003 23:16:07 -0400 (EDT)
SP Research Labs Advisory x05
-----------------------------
www.security-protocols.com

Product - MDG Web Server 4D 3.6.0 Buffer Overflow


Download it here:

ftp://ftp.mdg.com/demos/WS4D/Win/WS4D_3.6.0_Full.exe

Date Released - 04/30/2003

Release Mode –

Vendor was notified on 04/27/2003. The vendor did not give me a date for
the updated version.

------------------------------

Product Description from the vendor -

A full featured web server with an integrated database for publishing your
databases on the web for MacOS and WindowsNT.

-------------------------------

Vulnerability Description -

A buffer overflow vulnerability exists within MDG Web Server 4D 3.6.0.  
By doing a GET / with 4096 <’s  will cause the web server to crash.  Once
the malicious payload has been sent, the web server will crash giving a
runtime error.  This vulnerability is remotely exploitable.  Exploit is
attached for your pleasure.

Advisory Link –

http://www.security-protocols.com/article.php?sid=1493&mode=thread&order=0

Tested on:

Windows XP Pro SP1
Windows 2000 SP3

-------------------------------


peace out,

-------------------------------
badpack3t
www.security-protocols.com
-------------------------------

Attachment: sp-ws4d.c
Description:

Previous By Date Next
Previous By Thread Next

Current thread: