Full Disclosure mailing list archives
Unchecked Buffer in Jana Web Server
From: full-disclosure () lists netsys com (Matthew Murphy)
Date: Mon, 5 Aug 2002 17:38:45 -0500
Security Advisory: Unchecked Buffer in Jana Web Server Jana Web Server has been the focus of several recent discoveries, including several buffer overrun vulnerabilities. Yet another exploitable overflow exists in the Jana Web Server. Jana Web Server does not properly check the size of the HTTP request method input by the user before storing it, resulting in a stack overflow. If the method sufficiently exceeds the allocated storage, EIP will be overwritten. Example: [buffer] / HTTP/1.0 The buffer can't contain any of the following chars: 0x00 - duh 0x0D - CR 0x0A - LF (both end our request line) 0x20 - space; this terminates the method portion Exploitability is still in testing. "The reason the mainstream is thought of as a stream is because it is so shallow." - Author Unknown
Current thread:
- Unchecked Buffer in Jana Web Server Matthew Murphy (Aug 05)