MyWebServer URL Processing Overflow DoS

2002-07-03T00:00:00
ID OSVDB:6660
Type osvdb
Reporter Robin Keir(robin.keir@foundstone.com)
Modified 2002-07-03T00:00:00

Description

Vulnerability Description

MyWebServer contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is triggered when sending an overly long URL request containing 1,000 bytes or more. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

MyWebServer contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is triggered when sending an overly long URL request containing 1,000 bytes or more. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.mywebserver.org/us/ Other Advisory URL: http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/advisories_template.htm%3Findexid%3D8 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-07/0073.html ISS X-Force ID: 9501 CVE-2002-1003 Bugtraq ID: 5184