Bugtraq mailing list archives
Buffer overflows in Skyline/SpinBox client
From: tfheen () OPERA NO (Tollef Fog Heen)
Date: Mon, 1 May 2000 00:00:18 +0200
There are some buffer overflows in SpinBox/1.1 (from the spin_server.conf). SpinBox is an SSI/cgi-tool used by advertisement companies, made by Skyline. Since this is closed source software, I can't post the sources.

The buffer overflows are mostly in the query string (strcat and strcpy instead of strncat and strncpy). The cgi-bin will usually run with a uid of nobody (most Unices) or www-data (Debian), so depending on configuration the severity might be none to possible defacing of web sites.

If you use the SpinBox client (our ad provider is uniquemedia.net, thanks to them for providing sources and in general being helpful and responsive) with a version number less than 1.1, or haven't been notified in the last three weeks, you are vulnerable.

Vendor was notified about three weeks ago.

--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
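Added example, not part of the original post and not SpinBox code (its source is closed): bounded handling of a CGI query string in C, the class of fix the post points to. The names build_request, copy_bounded and append_bounded, the "zone=" prefix and the 64-byte buffer are assumptions for illustration; oversized input is rejected rather than truncated, because strncpy() leaves the buffer unterminated on a full copy and strncat()'s length argument counts bytes to append, not the buffer size.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SZ 64 /* assumed fixed buffer size for this example */

/* Unbounded pattern of the kind the post describes:
 *     strcpy(out, prefix); strcat(out, query);
 * Nothing ties the length of query to the size of out. */

/* Copy src into dst[cap]; 0 on success, -1 (dst emptied) if it does not fit. */
static int copy_bounded(char *dst, size_t cap, const char *src)
{
    size_t n = strlen(src);
    if (cap == 0) return -1;
    if (n >= cap) { dst[0] = '\0'; return -1; }
    memcpy(dst, src, n + 1);            /* n + 1 copies the terminating NUL */
    return 0;
}

/* Append src to the string in dst[cap]; -1 if the result would not fit. */
static int append_bounded(char *dst, size_t cap, const char *src)
{
    const char *end = memchr(dst, '\0', cap);
    size_t used, n = strlen(src);
    if (end == NULL) return -1;         /* dst is not terminated within cap */
    used = (size_t)(end - dst);
    if (n >= cap - used) return -1;     /* no room for src plus its NUL */
    memcpy(dst + used, src, n + 1);
    return 0;
}

/* Hypothetical handler: build prefix + query in out, or fail closed. */
int build_request(char *out, size_t cap, const char *prefix, const char *query)
{
    if (query == NULL) query = "";      /* QUERY_STRING may be unset */
    if (copy_bounded(out, cap, prefix) != 0) return -1;
    if (append_bounded(out, cap, query) != 0) { out[0] = '\0'; return -1; }
    return 0;
}

int main(void)
{
    char buf[BUF_SZ];
    if (build_request(buf, sizeof buf, "zone=", getenv("QUERY_STRING")) != 0) {
        puts("Status: 414 Request-URI Too Long\r\n\r");
        return 1;
    }
    printf("Content-Type: text/plain\r\n\r\n%s\n", buf);
    return 0;
}
```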